Several comments, Jason. > session_destroy() terminates the session, which cannot be > started up again > until the browser is restarted... Yes, session_destroy removes the session file that stores the values of session variables between pages. Once gone, it cannot be accessed again under any circumstances. > sooo... I just removed session_destroy, and settled for using > sess_unset() > to log out of a session. > > using this method the session is still open, and the session > variables are > still registered. since they are still registered, they can > still be used on > the chance that I log in again, correct? session_unset clears the values of all session variables in memory while on the current page. If the variables are not re-assigned before the page ends, all the variables in the session file get blanked out when the page ends. > case logout: > session_unset(); > session_destroy(); > $AuthErr = "<FONT SIZE=-1 COLOR=red>Session Terminated</FONT>"; > break; > > > What is happening, is after the user authenticates and logs > in, everything > looks good, but whenever the user follows any link, the > session gets unset > and destroyed. Have you verified that the session file actually disappears? This sounds more like the session ID is not getting passed along to the next page, so that PHP is not aware that a session already exists (and so starts a new one). The session ID is usually passed between pages using a cookie. The ID is what allows PHP to find the correct session file and restore the session variable values. Kirk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
