Reputation: 61
Why isn't this session destroyed?
I've this logout.php page that I use to logout from my PHP project.
<?php
session_start();
$conn4=mysqli_connect("localhost", "root", "", "winkcage");
$useronline=$_SESSION["unamsession"];
$queryseen="UPDATE signup SET seen='' WHERE username='$useronline'";
$queryseenrun=mysqli_query($conn4, $queryseen);
session_destroy();
session_unset();
header('Location: login.php');
?>
[Both in Firefox and Chrome]: When I click logout button, the page is redirected to login.php, but when I load the home page again in different tab (which should open only when the session is not destroyed), it loads instead of redirecting to login.php (this would be my index page).
I don't know what's wrong with this code. Does writing session_destroy() before session_unset() make any difference? How do I fix it?
[Only with Chrome, in Firefox it's okay]: When I close the Firefox, the session is automatically destroyed, which is obvious, but it's not with Chrome. Chrome isn't destroying it. How's it possible? I've checked my code thoroughlly but I didn't find any code line related to cookie.
Another problem is that when I'm logged in for a few minutes (I guess 20-30), the session is automatically destroyed. Is it possible that I have written some code by mistake for this? Or is it default?
Upvotes: 2
Views: 101
Answers (2)
Reputation: 463
From http://php.net/manual/en/function.session-unset.php
Session unset simply clears the session for use but it is not destroyed, it is still on the user's computer.
Try the following:
session_start();
session_destroy();
$_SESSION = array();
header('Location: index.php');
Upvotes: 1
Reputation: 1358
not sure if you are using cookie or not but i think this will solve it ....
$queryseenrun=mysqli_query($conn4, $queryseen);
session_unset();
$_SESSION = array();
// get session parameters
$params = session_get_cookie_params();
//delete the actual cppkie
setcookie(session_name(),'', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
// Destroy session
session_destroy();
//redirect to the index.php
header("Location: login.php");
exit();
Upvotes: 1
Related Questions
- Reference Guide: What does this symbol mean in PHP? (PHP Syntax)
- How do I expire a PHP session after 30 minutes?
- Why shouldn't I use mysql_* functions in PHP?
- When should I use 'self' over '$this'?
- PHP session_destroy() isn't working
- Why session is not destroyed, after i destroy it in my logout.php page?
- Ending A Session, Redirect to Another Page
- Error while destroying session in PHP