I use this class but have issue. All sessions found in the database are not deleted.
What command to clear the session from the database should be used?
I tested with Firefox and Chrome. This is my code for clear session:
<?php
ob_start();
require_once '../inc/class_session.inc.php';
$session = new Session();
if(!isset($_SESSION['admin']) OR !isset($_SESSION['userid'])){
unset($_SESSION['admin']);
unset($_SESSION['userid']);
session_destroy();
session_unset();
header('location: index.php');
exit();
}
?>
Related
Was just wondering why my code isn't working here:
<?php
session_start();
if (isset($_SESSION)) {
session_unset();
session_destroy();
}
?>
I've tried printing out the result of echo isset($_SESSION) and it returns true, and my pages that require login are still allowing me to access them.
You must definitely define a variable as session
for example:
LOGIN
<?php
session_start();
if($_POST['username']){
$_SESSION['username'] =$_POST['username']; // session run
}
?>
LOGOUT
<?php
session_start();
if($_POST['LOGOUT']=='exit'){
#session_unset();
}
?>
You can also use
unset($_SESSION['username']);
instead of
session_unset();
<?php
include('session_sty_chk.php');
session_start();
if(session_destroy()) // Destroying All Sessions
{
//echo "<script>alert('$login_sessionn log out successfully');</script>";
echo"<script>window.location.href = 'index_sty_chk.php';</script>";
//header("Location: index.php"); // Redirecting To Home Page
}
?>
above code is session destroy code.
In my application i am create two session
Session name:-
1:-admin,
2:-society user
when i am click on logout button then destoy the bothe admin and society user session.
So sir i want destoy only society user session in the application so help me to solve it.
unset($_SESSION['society user']);
use this code
From the php website:
<?php
$session_id_to_destroy = 'nill2if998vhplq9f3pj08vjb1';
// 1. commit session if it's started.
if (session_id()) {
session_commit();
}
// 2. store current session id
session_start();
$current_session_id = session_id();
session_commit();
// 3. hijack then destroy session specified.
session_id($session_id_to_destroy);
session_start();
session_destroy();
session_commit();
// 4. restore current session id. If don't restore it, your current session will refer to the session you just destroyed!
session_id($current_session_id);
session_start();
session_commit();
?>
Link: http://php.net/manual/en/function.session-destroy.php#114709
Is there some correct way to regenerate session ID and unset old session? I DONT WANT delete it, but only unset.
i have this function
function sessionRegenerateID(){
session_start();
$ses = $_SESSION;
session_unset();
session_write_close();
session_start();
session_regenerate_id();
$_SESSION = $ses;
}
I have created a login/logout system in my application but it's not working even using session_start();, session_destroy(); and session_unset (); etc.
Here is what I have done so far:
the first page (login)
<?php
if(
!isset($_SERVER['PHP_AUTH_USER'])||
!isset($_SERVER['PHP_AUTH_PW'])||
($_SERVER['PHP_AUTH_USER'])!="admin"||
($_SERVER['PHP_AUTH_PW']!="admin")
)
{
header('WWW-Authenticate: Basic realm="Accès refusé"');
echo 'Accès refusé';
exit;
}
else
session_start ();
$_SESSION['PHP_AUTH_USER'] = "admin";
$_SESSION['PHP_AUTH_PW'] = "admin";
echo '
and this is the logout part
<?php
session_start();
session_unset ();
session_destroy();
header("Location: index.php");
die;
?>
The problem is that the session is not destroyed, even when clicking the logout button.
You are using http authentication
Cookies and Sessions does not have any influence on http authentication
"No correct way exists" to logout.
Create another login/logout system, it's not hard.
I have a logout file for my web application. I would like to create a session after the logout so that I can echo a logout success message. My logout code works but I am unable to create a new session after destroying the previous one.
What is the best way to do this, see code:
//LOGOUT.PHP
session_start();
//// unset all $_SESSION variables
session_regenerate_id();
session_unset();
session_destroy();
$_SESSION['logoutsuccess'] = 'You have successfully logged out.';
header("Location: /login/");
exit;
//LOGIN.PHP (ECHO SUCCESS MESSAGE)
if(isset($_SESSION['logoutsuccess']))
{
echo '<div class="success">'.$_SESSION['logoutsuccess'].'</div>';
unset($_SESSION['logoutsuccess']);
}
I would like to avoid passing variables in the url if possible.
Call session_start() again after session_destroy()?
Just start a new session:
session_start();
session_destroy();
session_start();
$_SESSION['food'] = 'pizza';
Instead of trying to store it as a session variable, you could check the referer and check for /logout/
if(strpos($_SERVER['HTTP_REFERER'], 'logout') !== false) {
echo 'You have successfully logged out.';
}
session_id($session_id_to_destroy);
session_start();
session_destroy();
session_commit();