?

Search Help Board

PHP FAQ
PHP Articles
PHP Help
Bulletin Board
PHP Manual (NEW!)
First Time PHP'ers
Help with programming
Sql assignment help
PHP Homework Help


C# Help

?
New Topic??|??Go to Top??|??Go to Topic??|??Flat View??|??Search?
?Previous Message??|??Next Message
?Re: Session Destroy Failure
Author:??(---.capfed2.sinectis.com.ar)
Date:???06-02-03 19:26

first of all make sure the condition which should take you to the session_destroy is gettin true when it should. maybe you're never getting to that script line and, therefore, never processing the session_destroy command. you can do that by replacing the "session_destroy" line by, i.e.,

echo "SESSION DESTROY LINE IS BEING PROCESSED";
?>

if u ever get this msg then, so far, this is workin right.
then make sure you're starting that session before killin it, if you're not then you should be getting an error warning msg.

then i suggest you anyway to use a more up-to-date version of session handling, and using names for sessions,


starting a session:
session_start("user_session");
?>

registering and setting session variables:
session_start("user_session");
session_register("user_name");
// now $user_name is a session variable
// under the "user_session" session
// since it's been registered
// after starting the "user_session" session
$user_name="federico";
?>

retrieving a variable in another page
or in another execution of the page


// $user_name is not a session var
// yet cause the session hasn't been
// started yet (*)
$user_name="";

session_start("user_session");

// display the session variable
// $user_name which became local now
// and will be a session var
// just by ending the code
echo $user_name;
?>

that should output my name.

the first 2 lines of the previous code should be omitted if the session has been already started in the current execution of that page.

(*) the $user_name=""; line is for security reasons.
if the $user_name variable has eventually not been registered and that line* wasn't there anyone could force $user_name's value by typing file.php?user_name=any+name right in the browser's adress bar. this line* empties the local var $user_name but it doesn't kill the session varibale since the session hasn't been started yet.

killing a session variable:
session_start("user_session");

// sets the $user_name session variable to
// an empty value
$user_name="";

// unlinks the variable to the session.
// not really needed since you've emptied it
session_unregister("user_name");

// destroys the "user_session" session
// not needed at all, since $user_name
// was dead long ago
session_destroy();
?>

the previous code is quite unclead and repetitive but you'll never wonder wether the user has logged out or not :)

hope this helps

gl

Reply To This Message
?Newer Topic??|??Older Topic

?Topics Author? Date
?Session Destroy Failure??new
Ivan the Naib 06-02-03 12:03?
?Re: Session Destroy Failure??new
federico 06-02-03 13:19?
?Re: Session Destroy Failure??new
Ivan the Naib 06-02-03 14:16?
?Re: Session Destroy Failure??new
federico 06-02-03 19:26?
Go to Top??|??Go to Topic??|??Flat View??|??Search?
??|??
New Topic
?Reply To This Message
?Your Name:
?Your Email:
?Subject:
Email replies to this thread, to the address above.
??wrote: > > first of all make sure the condition which should take you to > the session_destroy is gettin true when it should. maybe > you're never getting to that script line and, therefore, > never processing the session_destroy command. you can do that > by replacing the "session_destroy" line by, i.e., > > echo "SESSION DESTROY LINE IS BEING PROCESSED"; > ?> > > if u ever get this msg then, so far, this is workin right. > then make sure you're starting that session before killin it, > if you're not then you should be getting an error warning msg. > > then i suggest you anyway to use a more up-to-date version of > session handling, and using names for sessions, > > > starting a session: > session_start("user_session"); > ?> > > registering and setting session variables: > session_start("user_session"); > session_register("user_name"); > // now $user_name is a session variable > // under the "user_session" session > // since it's been registered > // after starting the "user_session" session > $user_name="federico"; > ?> > > retrieving a variable in another page > or in another execution of the page > > > // $user_name is not a session var > // yet cause the session hasn't been > // started yet (*) > $user_name=""; > > session_start("user_session"); > > // display the session variable > // $user_name which became local now > // and will be a session var > // just by ending the code > echo $user_name; > ?> > > that should output my name. > > the first 2 lines of the previous code should be omitted if > the session has been already started in the current execution > of that page. > > (*) the $user_name=""; line is for security reasons. > if the $user_name variable has eventually not been registered > and that line* wasn't there anyone could force $user_name's > value by typing file.php?user_name=any+name right in the > browser's adress bar. this line* empties the local var > $user_name but it doesn't kill the session varibale since the > session hasn't been started yet. > > killing a session variable: > session_start("user_session"); > > // sets the $user_name session variable to > // an empty value > $user_name=""; > > // unlinks the variable to the session. > // not really needed since you've emptied it > session_unregister("user_name"); > > // destroys the "user_session" session > // not needed at all, since $user_name > // was dead long ago > session_destroy(); > ?> > > the previous code is quite unclead and repetitive but you'll > never wonder wether the user has logged out or not :) > > hope this helps > > gl ">??

Provided By
Phorum