session_start();
ob_start();
unset($_SESSION);
session_destroy();
header("Location:login.php");
Even after logout from home page session didn't destroy
inner pages redirection is working after logout. please help me
Make sure to only do a session_destroy right after you do session_start. Do not unset the whole variable, this also disables the registration of session variables.
session_start();
..
session_destroy();
header("Location: login.php");
You should use session_unset instead of unset($_SESSION):
<?php
session_start();
session_unset();
session_destory();
header("Location:login.php");
?>
Related
I'm just implementing a login and logout system using PHP and experiencing problems with logout. The system outline is as follows:
When the user logs in, a session is created with a session variable "user" and "stud" as i'm creating it for student and admin.
After the session is set up, the user is redirected to home.php file.
In that file, a logout button is placed. When the user clicks the logout button session destroyed, but it destroyed both account. I try login both account, student and admin, but when i try logout for admin, it'll destroyed both account.
Anyone can help me with this problem?
here is my coding for admin logout:
session_start(); if(!isset($_SESSION['user'])) { header("Location:
index.php"); } else if(isset($_SESSION['user'])!="") {
header("Location: homeAdmin.php"); }
if(isset($_GET['adminLogout'])) { session_destroy();
unset($_SESSION['user']); header("Location: index.php"); }
You have maintain the sessions for user and admin separately like $_SESSION['user'] and $_SESSION['stud']
and destroy the respective session on logout process. Means if logout the user than destroy only $_SESSION['user']
if(isset($_GET['adminLogout'])) { session_destroy(); unset($_SESSION['user']); header("Location: index.php"); }
Here you are taking the parameter admin logout and destroying user session as well. I assume you should first check which session is set and destroy that particular session. Also don't use session destroy, just unset will work for you.
session_destroy destroys all the session, you can check here for more reference how it works
http://php.net/manual/en/function.session-destroy.php
thank you guys i've got my answer. here am sharing teh answer of the problems:
<?php
session_start();
if(!isset($_SESSION['user']))
{
header("Location: index.php");
}
else if(isset($_SESSION['user'])!="")
{
header("Location: homeAdmin.php");
}
if(isset($_GET['adminLogout']))
{
unset($_SESSION['user']);
header("Location: index.php");
}
?>
just delete the session_destroy()
Hello i am trying to destory session when i press signout button then it's logging out and redirecting to login page; but when click back in browser that page is loading with loign menu on top.
And i have wrote a code in everypage as if session not available redirect to login page.
Here is my logout code for session_destroy:
elseif(isset($_GET['type']) && $_GET['type']== "logout" )
{
if (!isset($_SESSION['id'])) {
header('location:index.php');
} else {
session_destroy();
$_SESSION = array();
header('location:index.php');
}
}
here is the code what i have mentioned in all pages:
session_start();
include_once('includes/config.php');
if(!isset($_SESSION['id'])) {
header('location:login.php');
}
So my question is completly logout if press back it should not load and has to redirect to login page.
<?php
session_start();
if($_SESSION['id']){
unset($_SESSION['id']); // destroys the specified session.
}
header('Location:index.php'); //redirect to preferred page after unset the session
?>
session_destroy()
By this function you can destroy all session at browser. If you work with php you should write :
ob_start ();
session_start();
By this your buffer also flush and new start session. Try with it.
Create a page like signout.php, And set signout button link to this page.
Example
Signout
Add below codes for signout.php page.
session_start(); #Start new or resume existing session
#session_unset($_SESSION['key']); #Free specific session variable if you want, OR
session_destroy(); #Destroys all data registered to a session
header('location:login.php'); #Redirect to login page after logout
This should work for you!
Try in this way :
session_start();
unset($_SESSION["id"]);
session_destroy();
header('location:index');
There are two login pages and if one page is logged out other also automatically getting logged out how to change that?
adminlogout.php
<?php
session_start();
unset($_SESSION['ADMIN_UNAME']);
session_destroy();
header("location: adminlogin.php?logout=true");
?>
logout.php
<?php
session_start();
unset($_SESSION['SESS_MEMBER_ID']);
session_destroy();
header("location: login.php");
?>
Please remove session_destroy() function. session_destroy() delete complete session information for request with sessionid from the server. Hence both scripts logouts.
adminlogout.php
<?php
session_start();
unset($_SESSION['ADMIN_UNAME']);
header("location: adminlogin.php?logout=true");
?>
logout.php
<?php
session_start();
unset($_SESSION['SESS_MEMBER_ID']);
header("location: login.php");
?>
When you use session_destroy(); you completely remove everything the server knows about your current session. Note a session survives while the current browser instance is open, if you destroy the session you destroy all the session globals.
If you want to logout of just the admin or a normal user you should just change a session variable to reflect that.
As the others already pointed out, the problem is the call of session_destroy() as this destroy the whole session.
But I'd like to add that you should maybe consider using a multidimensional array in your session for different purposes or, what is even better, use different sessions as they are in completely different areas (e.g. the admin session should definitely not be shared with a normal user session, using HTTPS cookies, etc.).
unset the session variable or make the session variable as empty in logout.php
adminlogout.php
<?php
session_start();
$_SESSION['ADMIN_UNAME']='';
header("location: adminlogin.php?logout=true");
?>
logout.php
<?php
session_start();
$_SESSION['SESS_MEMBER_ID']='';
header("Location:login.php");
?>
I'm running two different php applications/sessions at the same time (on the same page), which I need to close/kill upon user logout and then redirect a user to a login page. Would this be the right way of doing it? Thanks.
<?php
session_name('loginsystem');
session_name('chatsystem');
session_start();
$_SESSION = array();
session_unset();
session_destroy();
header("Location:http://localhost:8888/vtracker2/index.php");
exit();
?>
you are nearly done, just do this
<?php
session_start();
session_destroy();
header("Location:http://localhost:8888/vtracker2/index.php");
exit();
?>
session_destroy() function unset all the session which are active.
I created a log out page and calling it through a href link but it not working the session was not destroying. Help me, the code n link are below.
logout.php
<?php
session_start();
session_unset();
session_destroy();
header("location:index.php");
?>
Make sure the file is on same server.
Write this code on the very top of everything else.
Additionally use this code
session_unset();
session_write_close();
session_destroy only destroys session on server end not the cookies, make sure you are not using cookies, if yes then see below code
To Set cookie
setcookie("cookieName", $value, time()+3600);
To Unset Cookie
setcookie("cookieName", $value, time()-36000);
More details about session: PHP: session_destroy - Manual
You probably need to regenerate the session ID:
session_regenerate_id();