Why session is not destroyed, after i destroy it in my logout.php page?
Question
I have started session (session_start()) in file which is included in all pages. My link for logout.php is in this file, i ll post code for included file later, also code for my logout.php page.
After i logout, its all ok, but if i click more then 2-3 times on my admin button (which should be active only if $_session['user1'] and $_session['pass'] r correct) i proceed to admin.php page (after i destroyed session oO);
Part of my included file to all pages:
<?php
session_start();
if ((!isset($_SESSION['user1']))&&(!isset($_SESSION['pass1']))) {
echo "<li><a href='login.php'>Admin</a></li>";
}
else {
echo "<li><a href='Admin.php'>Admin</a></li>";
};
?>
logout page:
<?php
session_start();
unset ($_SESSION['user1'],$k);
unset ($_SESSION['pass'],$p);
session_destroy();
header('Location:Naslovna.php');
exit();
?>
2 answers
solution1
0 2015-06-02 21:50:43
I had this problem recently, solved it with this:
unset($user1,$pass);
session_unset();
session_destroy();
header('Location: ../index.php');
solution2
0 2015-06-02 21:59:55
As per the documentation :
session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, session_start() has to be called.
If you want to truly destroy the session, you have to unset the session cookie yourself.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.