I'm running the following to kill a session, and haven't had any problems
with it yet...
<?
session_start();
session_unset();
session_destroy();
echo "Session gone.";
etc...
At 05:16 PM 3/7/01 +1030, you wrote:
>try
>session_start();
>before the if statement - otherwise it will always be FALSE...btw the
>'unset()' is redundant i think.
>
>----- Original Message -----
>From: "Mike Yuen" <[EMAIL PROTECTED]>
>To: "trogers" <[EMAIL PROTECTED]>
>Cc: "Yasuo Ohgaki" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Wednesday, March 07, 2001 5:11 PM
>Subject: Re: [PHP] Session not destroying properly
>
>
> > Thanks for the suggestion, I tried that and it still doesn't seem to be
> > working.
> > Here's what i've got so far on my page (index.php).
> >
> > <?PHP
> > if(session_is_registered("CUserName"))
> > {
> > session_destroy();
> > unset($CUserName);
> > header("Location: $PHP_SELF");
> > }
> > else
> > {
> > session_register("CUserName");
> > $CUserNameSession="CUserName";
> > }
> > //SNIP
> > ?>
> >
> > Hope you can see something I don't. Thanks,
> > Mike
> >
> > On Tue, 6 Mar 2001, trogers wrote:
> >
> > >
> > > Hi
> > > You will need to kill the session data on the exit of your failed login
>not
> > > on entry to the login page as the data will already be overwritten by
>the
> > > previous session value.
> > > I use
> > > unset($name);
> > > unset($password);
> > > ...
> > >
> > > Tom
> > >
> > >
> > > At 04:24 PM 6/03/01 +0900, Yasuo Ohgaki wrote:
> > > >Do you use custom session handlers?
> > > >Try session_unset() also. It may help.
> > > >
> > > >Regards,
> > > >Yasuo Ohgaki
> > > >
> > > >
> > > > > Got a problem with sessions.
> > > > >
> > > > > On my index page, there's a place for people to login. Well, when I
>test
> > > > > with two different user names (ie: mike and jlo) it reverts to the
>first
> > > > > one when login fails. For example:
> > > > > I enter in the username "myuen" and a wrong password. I get my
> > > > > "Password/Username invalid" message which is what I want.
> > > > >
> > > > > The page refreshes, the username slot already has myuen in it from
>the
> > > > > last entry, I erase it, enter in a new username "jlo" and the
>correct
> > > > > password and it will not log me in.
> > > > >
> > > > > I know once you attempt to login, it saves the username as a session
> > > > > variable. On my index.php page, I have a script that checks if a
>session
> > > > > exists (particularly the Username), if it exists, destroy it
>otherwise,
> > > > > continue on. Obviously it's not destroying it once we enter in a
>wrong
> > > > > username and try to login again.
> > > > >
> > > > > Any ideas on how to fix this?
> > > > >
> > > > > Here's my coding:
> > > > > <?PHP
> > > > > if(session_is_registered("CUserName"))
> > > > > session_destroy();
> > > > >
> > > > > session_register("CUserName");
> > > > > $CUserNameSession="CUserName";
> > > > >
> > > > > //SNIP
> > > > > ?>
> > > >
> > > >
> > > >--
> > > >PHP General Mailing List (http://www.php.net/)
> > > >To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > >For additional commands, e-mail: [EMAIL PROTECTED]
> > > >To contact the list administrators, e-mail:
>[EMAIL PROTECTED]
> > >
> > >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
