on 4/6/03 10:39 PM, Alexa Kirk at akirk@ufl.edu appended the following bits
to my mbox:
> I am using session variables throughout an application, and every time I
> try to log in as someone else after the first time I've logged in, it
> uses the userid of the first person that logged in. I know the session
> has to be destroyed or something, so I wanted to make a logoff page, but
> it is not working. I'm getting an Internal Server Error.
> Here is my code for logoff.php:
This is pretty off-topic for the PHP-DB list. It should be on PHP-General
instead.
If I recall correctly, the actual session files aren't deleted on the server
when you call session_destroy(); They hang around until garbage collection
kicks in. The user's cookie is also not deleted so they come back with the
same session next time if the browser isn't quit first. One solution is to
manually unset the session variables as well. I've done things like this:
session_start();
session_unregister('this_password');
session_unregister('this_username');
session_unset();
session_destroy();
According to php.net, you should also do:
$_SESSION = array();
Before the calls to unset and destroy.
See the comments on this page for a bunch more information:
<http://www.php.net/manual/en/function.session-destroy.php>
HTH.
Sincerely,
Paul Burney
<http://paulburney.com/>
<?php
while ($self != "asleep") {
$sheep_count++;
}
?>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
