Hello,
PHP 4.2.2
I'm working on a cart program right now and I can't properly log the
user out. The only way I've been able to get a different session id is
by closing all browser windows and reloading the site.
Scenario:
I go the site I'm working on and click the login page. I have 'echo
session_id();' in the login page so I can see the session id. I fill in
my username and password and click "login". I'm then sent to a
processing page that actually fills in the session variable with some
data (i.e. username, session id, security level, etc.). I then redirect
back to the login page with header("Location: login.php");.
Now that I'm back at the login page I still see my session id (and as
expected it is the same). Then I click "logout" and am taken to a logout
page. The logout page is as follows:
<?
// start the customers session
session_start();
session_destroy();
setcookie("user_info","",(time()-3600),"/");
header("Location: {$_SERVER["HTTP_REFERER"]}");
exit;
?>
Here is another version of the same file that I've tried using:
<?
// start the customers session
session_start();
session_unset();
session_destroy();
header("Location: {$_SERVER["HTTP_REFERER"]}");
exit;
?>
As far as I have been able to find out (by surveying other people and
RTFM'ing) I'm doing it correctly, but for some it's just not working.
After I click logout I would expect to be sent back to the login page
and see a different session id displayed, but instead I'm presented with
the same session id. The only way I can get a different session id is by
closing all the browser windows and starting over.
Anyone have any ideas?
Thanks,
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
