destroy session while logout

0
votes

I want to destroy all the session values.I have logout button in all pages.I want to call this logout.php in two ways. 1.while clicked logout button in page. 2. set time for refresh a page after 10 minutes.

In header of my html I have the meta tag to refresh and call logout.php page.

<META HTTP-EQUIV="refresh" CONTENT="600;URL=logout.php?timeout">

logout.php 

<?php
 session_start();
 // remove all session variables
 session_unset(); 
 $_SESSION = array();
// destroy the session 
 session_destroy();
 echo ("<SCRIPT LANGUAGE='JavaScript'>
 window.location.href='login.php';
  </SCRIPT>");  
 ?>

My problem is session is not destroyed but redirect to login.php.I have a code to redirect to home page if no session value in caught in the page.If I login it redirect to dashboard page.
For testing I copy dashboard link and paste it.Instead redirect to login page It shows dashboard page.

1
phpsession
For redirecting, you could use the php function "header" instead of injecting a script. See php.net/manual/en/function.header.phpShishdem
How can you say that session is not destroyed and redirected to login page, when you refresh login page is it redirecting you to dashboard or else..Narendrasingh Sisodia
header is not supported so I cant use ituser3386779
what do you mean with not supported?Shishdem
header("Location: login.php"); is not working because more than one header to be sent.I have problem with this alwaysuser3386779

1 Answers

1
votes

Try to add exit; to the end, this stops the page rendering which is no longer needed. And use the header('Location :'); function, find a way to fix the error you're getting here. This little snippet has always worked for me. Do a require('logout.php') to every page calling this code. The session_start(); should already be stated in the main file, so it doesn't need to be stated here.

if(isset($_GET["logout"])){
    $_SESSION = array();
    session_destroy();
    header("Location: /");
    exit;
}