Answer the question
In order to leave comments, you need to log in
M
M
michellie2018-04-15 21:57:55
michellie, 2018-04-15 21:57:55
How to logout correctly?
Everything works well, but...
cookies are deleted only for the root folder of the site, if you then go to the subfolder of the project, cookies are written again for all pages.
<?php
include_once 'includes/functions.php';
sec_session_start();
// Unset all session values
$_SESSION = array();
// get session parameters
$params = session_get_cookie_params();
// Delete the actual cookie.
setcookie(session_name(),
'', time() - 42000,
$params["path"],
$params["domain"],
$params["secure"],
$params["httponly"]);
// Destroy session
session_destroy();
Setcookie("user_id",$_SESSION['user_id'],time()-3600000);
Setcookie("username",$_SESSION['username'],time()-3600000);
Setcookie("login_string",$_SESSION['login_string'],time()-3600000);
header("Location: ".$_SERVER['HTTP_REFERER']); 2 answer(s)
@Exploding
How can it work?
If sec_session_start() weren't a custom function, I would swap the first two lines of code, because if error control is disabled...
Instead of Setcookie, maybe better as recommended by $_COOKIE?
I would store only the user ID in cookies, and all parameters on the server.
Well, I would divide the data in the session into "sections" of the type that needs / can be cleaned, and which should "remain static", so that later there would be no session_destroy, etc. "control shots".
@michellie
No, here is an example of the problem:
session and cookies are recorded on all pages of
site/....
session and cookies are deleted on pages when you go from
site/....
session and cookies are NOT deleted on pages when you go from
site/.../ ... and then
if you delete cookies and session from
site/....
and go to
site/.../... and then
session and cookies will reappear on all pages of
site/.... and then
E
Exploding, 2018-04-16 @Exploding
Something here is clearly too clever ... and cookies and sessions ...
Do you have your own cookies generated for each page?
//...
session_destroy();
Setcookie("user_id",$_SESSION['user_id'],time()-3600000);
//...How can it work?
If sec_session_start() weren't a custom function, I would swap the first two lines of code, because if error control is disabled...
Instead of Setcookie, maybe better as recommended by $_COOKIE?
I would store only the user ID in cookies, and all parameters on the server.
Well, I would divide the data in the session into "sections" of the type that needs / can be cleaned, and which should "remain static", so that later there would be no session_destroy, etc. "control shots".
M
michellie, 2018-04-16 @michellie
Do you have your own cookies generated for each page?
No, here is an example of the problem:
session and cookies are recorded on all pages of
site/....
session and cookies are deleted on pages when you go from
site/....
session and cookies are NOT deleted on pages when you go from
site/.../ ... and then
if you delete cookies and session from
site/....
and go to
site/.../... and then
session and cookies will reappear on all pages of
site/.... and then
Similar questions
P
C
K
E
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question