How to Logout from a Session in PHP

proper way to logout from a session in PHP

From the session_destroy() page in the PHP manual:

<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Finally, destroy the session.
session_destroy();
?>

logout and redirecting session in php

Only this is necessary

session_start();
unset($_SESSION["nome"]);  // where $_SESSION["nome"] is your own variable. if you do not have one use only this as follow **session_unset();**
header("Location: home.php");

PHP session not logging out / unset

I don't know why, but the code for destroying the sessions was somehow not working in logout.php. It worked in index.php and other files, but will all sorts of unpredictable behavior.

Found a workaround to circumvent the problem. The logout.php has code as below:

<?php
    session_start();
    $_SESSION['logout'] = TRUE;
    header('location:index.php');
?>

And add this code to index.php:

# Implement logout functionality
<?php
    session_start();
    if(isset($_SESSION['logout']) && $_SESSION['logout'] == TRUE){
        foreach($_SESSION as $var => $value){
            unset($_SESSION[$var]);
        }
        session_destroy();
        session_unset();
    }
?>

It may not be a standardized solution, but the code works for me every time, with no unpredictable behavior.

Thanks everyone for sharing their ideas.

Session logout without closing the session

You could add a "temp_logout" field to the $_SESSION variable and when you redirect the user to the login page, you can check for it $_SESSION["temp_logout"] and if it is true, add the username in the input field.

logout script:

<?php
    //24 2 2015
    session_start();
    $_SESSION['temp_logout'] = true;
    header("location:login.php")
?>

login page:

session_start()
...
//where the "username" input is
<input name="username" <?php if(isset($_SESSION["temp_logout"]){
    echo 'value="'.$_SESSION["username"] .'" ';
} ?> />
...

after a successfull login:

<?php
    session_start();
    unset($_SESSION["temp_logout"]);
?>

Also, anywhere on the site, don't forget to check if the user is temporarily logged out; then immediatelly redirect him to the login page


Related Topics

Dyld: Library Not Loaded: /Usr/Local/Opt/Icu4C/Lib/Libicui18N.62.Dylib Error Running PHP After Installing Node with Brew on MAC

Differencebetween Find(), Findorfail(), First(), Firstorfail(), Get(), List(), Toarray()

Symfony2 - Creating Own Vendor Bundle - Project and Git Strategy

Doing Http Requests from Laravel to an External API

Formulas to Calculate Geo Proximity

How to Validate a Credit Card in PHP

Only Variable References Should Be Returned by Reference - Codeigniter

Do Login Forms Need Tokens Against Csrf Attacks

Print Array to a File

Csrf (Cross-Site Request Forgery) Attack Example and Prevention in PHP

How to Call a Closure That Is a Class Variable

How to Include PHP Files That Require an Absolute Path

How to Check and Set Max_Allowed_Packet MySQL Variable

Fatal Error: Maximum Execution Time of 300 Seconds Exceeded

How to Use Where in with Doctrine 2

How Send Message Facebook Friend Through Graph API Using Accessstoken

Remove Non-Ascii Characters from String

Can You Add an If Statement in Order By


Leave a reply



Submit