Im trying to create a simple login script. I think I have done ok so far (I still need to learn about sanitisation and security, but thats a lesson to be learned later), but need to know wht I get a silly result (and how to rectify it) when I try to log out.
What I have done is to create the login and using sessions to ensure people are logged in accross all the pages of the site while they are logged in. Then I have a logout button which directs users to a page with this code:
<?php session_start(); session_destroy(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
print_r($_SESSION); echo "You have successfully logged out";
What happens is the print_r ($_SESSION) line prints the old session as if logged in, but if I refresh the page I get the result that I want and the session is closed. Also if I dive into a page that you need to be logged in to view tells me I'm not logged in (I havent yet writen the code to redirect me to the logon page withing this page - it just checks if I'm logged in and lets me know if im logged in or not whilst presenting me with the contents of that page). Thus, I have no doubt that the session is ended, but why does it tell me the session details on the first run?
Another virtual beer is on offer to the first correct respondant - good job I have infinately long virtual pockets!