Geek Answers Handbook

PHP session does not kill after user logout

I am trying to create an authentication mechanism for my PHP application, and it’s hard for me to handle this session. I tried to disable the authentication token that was previously set in the session array and destroyed the session through

session_destroy,

and also completely reset the array of sessions before destroying the session. I call the header function and return to the index.php page at the end of the function calls. I also tried

session_write_close

to close the session. When I register a user, I do a vardump session, and it does not show any data, however, when I return to the index.php page, I return the user authentication data. I also did a vardump of the Post data just to make sure that I didn’t somehow resend the authentication mail handler.

Any suggestions on what to do here?

+5
source share
6 answers

First, make sure you call session_start();before the call session_destroy();, because it will only issue a warning if you do not.

Also from PHP: session_destroy :

, , . ( ) , . setcookie().
+6

PHP, session_unset() > session_destroy(); , . PHP session_destroy(), , , , , cookie, . ( PHP), , ( ) , session_unset() session_destroy().

, , , , PHP , . Best Practice, IMO, header('Location: ...'); die;

+2

session_unset(), Buggy IE , .

+1

, Fiddler, , . save_path

0

, ?

:

session_start();
$_SESSION['varName'] = null;
$_SESSION = array();
session_destroy();
0

, index.php

? (CTRL+F5 -).

, HTML <head> :

<meta http-equiv="cache-control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="0">

, PHP- PHP header():

header('cache-control: no-cache,no-store,must-revalidate'); // HTTP 1.1.
header('pragma: no-cache'); // HTTP 1.0.
header('expires: 0'); // Proxies.

:)

0

More articles:


All Articles