Hi
You will need to kill the session data on the exit of your failed login not
on entry to the login page as the data will already be overwritten by the
previous session value.
I use
unset($name);
unset($password);
...
Tom
At 04:24 PM 6/03/01 +0900, Yasuo Ohgaki wrote:
>Do you use custom session handlers?
>Try session_unset() also. It may help.
>
>Regards,
>Yasuo Ohgaki
>
>
> > Got a problem with sessions.
> >
> > On my index page, there's a place for people to login. Well, when I test
> > with two different user names (ie: mike and jlo) it reverts to the first
> > one when login fails. For example:
> > I enter in the username "myuen" and a wrong password. I get my
> > "Password/Username invalid" message which is what I want.
> >
> > The page refreshes, the username slot already has myuen in it from the
> > last entry, I erase it, enter in a new username "jlo" and the correct
> > password and it will not log me in.
> >
> > I know once you attempt to login, it saves the username as a session
> > variable. On my index.php page, I have a script that checks if a session
> > exists (particularly the Username), if it exists, destroy it otherwise,
> > continue on. Obviously it's not destroying it once we enter in a wrong
> > username and try to login again.
> >
> > Any ideas on how to fix this?
> >
> > Here's my coding:
> > <?PHP
> > if(session_is_registered("CUserName"))
> > session_destroy();
> >
> > session_register("CUserName");
> > $CUserNameSession="CUserName";
> >
> > //SNIP
> > ?>
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
