I have a profile page in my website that welcomes the user with his/her name using session variable. After I unset this variable, the page can still access that name. I cannot properly erase the data.
I've tried to set it to null, session_unset and session_destroy
<?php #session_start(); ob_start(); ?>
//Some HTML code here
<?php
if( isset($_SESSION["user"]) && $_SESSION["login"]) {
echo '<div><p>welcome ' .$_SESSION["user"]. '!</p></div>';
echo
"<form action='' method='post'>
<input type='submit' name='use_button' value='Log out' />
</form>";
if(isset($_POST['use_button'])) {
$_SESSION["login"] = false;
unset($_SESSION["user"]);
session_unset();
echo "logout successful.";
echo '<script>window.location.href = "same-page.php";</script>';
}
}
else
echo 'no login data.';
?>
//Some HTML code here
<?php ob_end_flush(); ?>
I expected that after the redirect, the first if condition would not be satisfied and it gives the output 'no login data' but it still can access the session variables.
External php file:
<?php
session_start();
$_SESSION["user"] = '' ;
$_SESSION["login"] = false ;
echo '<script>window.location.href = "../profile.php";</script>';
?>
I think you can do this by destroying the session by using session_destroy() Method.
session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, session_start() has to be called.
You can more about it from session_destroy()
here you are doing session destroy but you also need to do unset that particular variable from sessions array just like below before destroying session.
unset($_SESSION['user']);
Put this line immediately after your redirect line
echo '<script>window.location.href = "same-page.php";</script>'; // redirect
exit; // close current php script after redirect
Related
I have a page where I set a value to a SESSION but when I redirect to another page
ex. index.php that value I put to that SESSION doesn't exist anymore!
<?php
session_start();
// this is the page where I set a value to a SESSION called var!
$SESSION['var'] = "hello";
if(isset($SESSION['var'])){
echo "Yes it is";
header("location: test.php");
exit();
}
else {
echo "No it isnt";
}
?>
And this is the test.php where I get the SESSION undefined error!
<?php
session_start();
if(isset($SESSION['var'])){
echo "Yes it is";
}
else {
echo "No it isnt";
}
?>
Ass you can see, I put session_start(); in both pages but still nothing!
Any help would be much appriciated,
thank you!
P.S Im using XAMPP
To access session variables you need to access the $_SESSION. Change $SESSION to $_SESSION. Hope this helps.
I have written a simple code for $_SESSION variable in the first php file:
<?php
session_start();
$_SESSION["name"] = "John";
?>
and in another php file to render this:
<?php
session_start();
echo $_SESSION["name"];
?>
But after that i used session_unset(); and session_destroy(); and after that i can't render any new $_SESSION variable nor the existing one. I am using Microsoft WebMatrix program and Chrome as main browser. Any suggestions? Thank you in advance.
That is because session_destroy(); destroys the current session and also sends a header to the browser to delete the session variable. In the same time the session is deleted on the server (in PHP) and the $_SESSION variables can no longer be used. You can always try to save the $_SESSION in another variable;
session_start();
$_SESSION['test'] = 'foo';
Next page:
session_start();
$saveSession = $_SESSION;
session_destroy();
var_dump($_SESSION); //Gives an empty array
var_dump($saveSession); //Still has ['test' => 'foo']
More information: http://php.net/manual/en/function.session-destroy.php and http://php.net/manual/en/book.session.php
Also, sidenote, you do not need to open and close PHP tags if they are combined;
<?php
session_start();
echo $_SESSION["name"];
?>
works just as well as
<?php
session_start();
?>
<?php
echo $_SESSION["name"];
?>
My sessions still shows values of sessions that are deleted on some pages. My header has the session start on every page.
<?php session_start(); ?>
I unset my session with:
$key_to_remove = $_POST['key'];
if (count($_SESSION["Carray"]) <= 1) {
unset($_SESSION["Carray"]);
} else {
unset($_SESSION["Carray"]["$key_to_remove"]);
sort($_SESSION["Carray"]);
}
Try This I use this kind of code for destroy session and it's working.
<?php
session_start();
$_SESSION = array();
session_destroy();
if(isset($_SESSION['key']))
{
unset($_SESSION['carry']);
}?>
Is this possible? I have sent a value using a form post and retrived in the php but if i refresh it disappears. Can this be stored?
Yes you can store it in SESSION. Please read the following code:-
<?php
// Start the session
session_start();
?>
<!DOCTYPE html>
<html>
<body>
<?php
// Check Post variables are available
if(isset($_POST['username']))
{
echo $_POST['username']." Username found in form <br />";
// Set session variables
$_SESSION["username"] = $_POST['username'];
echo $_SESSION["username"]." stored in session <br />";;
}
else
echo 'No, form submitted. Your old stored username was '.$_SESSION["username"];
//echo 'No, form submitted.';
?>
</body>
</html>
To start session in wordpress
Write below code in your functions.php
function register_my_session()
{
if( !session_id() )
{
session_start();
}
}
add_action('init', 'register_my_session');
// set session to start
/*session is started if you don't write this line can't use $_Session global variable*/
session_start();
$_SESSION["newsession"]= $value;
$_SESSION['post_session'] = $_POST;
you can see documentation of session
http://php.net/manual/en/reserved.variables.session.php
This should be an easy one, if I explain it well.
I am trying to create a web page, where the session starts when the user enters a name, the name is displayed constantly, until the user presses the log out button; which should end the session. The closest I have gotten to is this:
<if (isset($_POST['name'])) {
$_SESSION['name'] = $_POST["name"];
echo "<input type='submit' name='logout' method='logout' value='Log out'>";
echo "</form>";
echo "</h1>";
echo "</div>";
if(isset($_POST['logout']) && ($_POST['logout'] == "Log out")) {
session_destroy(); }
but it doesn't end the session and the name keeps being displayed constantly once entered. i.e. There is no way to end the session.
If you need any more explanation, or more of the code to understand, please let me know. Any help is much appreciated.
You can change session_destroy() by unset($_SESSION['name']) , like this:
if (isset($_POST['name'])) {
$_SESSION['name'] = $_POST["name"];
echo "<input type='submit' name='logout' method='logout' value='Log out'>";
echo "</form>";
echo "</h1>";
echo "</div>";
if(isset($_POST['logout']) && ($_POST['logout'] == "Log out")) {
unset($_SESSION['name']);
}
}
Use session_unset() to destroy all registered variables in the session and if you want unset a specific variable like name use unset($_SESSION['name'])
Do NOT unset the whole $_SESSION with unset($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal.
You can try to add a call to session_commit() just after session_destroy();
The code below handles the Logout hyperlink, so it creates the global variable logout and it unsets the session
Log out
<?php
if(isset($_GET['logout'])) {
session_unset();
}
?>