I have tested this with all kind of browsers on WIndows, and to make a clean cut I had to do so..
"Jason Sheets" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Instead of doing a foreach to unset your session variables you can use > session_unset(); which will unset all your session variables for you. > > Additionally if you are wanting to remove a cookie from a visitor's > browser you should use setcookie, not unset $_COOKIE, $_COOKIE allows > you to access the value of a cookie but not set or alter the contents of > the actual cookie. > > The manual page for session_unset is > http://www.php.net/manual/en/function.session-unset.php > > The manual page for setcookie is > > http://www.php.net/manual/en/function.setcookie.php > > Also once you have executed session_destroy you have deleted the session > information from the server, if you delete the sessionid cookie from the > browser they will get a new session id the next time a session is > started, there is no need to immediatly start and destroy another > session. > > If you do not care if a user gets a new session id the next time they > visit your site you do not necessarily have to worry about deleting the > sessionid cookie as the data is already destroyed and the cookie will be > deleted when they close their browser (if cookie life is 0) or when the > cookie lifetime expires. > > Most if not all of this information is available from the PHP manual at > http://www.php.net/manual > > Jason > > On Wed, 2003-01-01 at 10:56, David Tandberg-Johansen wrote: > > [CUT] > > > > I am using SESSION on al my secure projects > > I use a file structur as this: > > (loginform) -> logincheck.php (if not ok->back2login | if ok (start an > > session)(forward to the secure pages)) > > > > When the user logs out: > > (securepages)->logout.php: > > <?PHP > > //go through all the session array an unregister the varname > > foreach($_SESSION as $key=>$val){ > > session_unregister("$key"); > > } > > // We destroys the session > > session_destroy(); > > > > //if there are an cookie vith the session name we have to unset it > > //so the browser doesn't hvae the information > > if(isset($_COOKIE[session_name()])){ > > // To delete the old cookie > > unset($_COOKIE[session_name()]); > > } > > //we starts an new session > > session_start(); > > //and we destroys it again > > session_destroy(); > > //Now there are an new session cookie in the browser, > > //and if the user try go back there are no data stored in the session > > > > //we forward the user to an unsecure public page > > header("Location: ./unsecurepublicpage.php"); > > ?> > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
