I am unable to logout from sessions even after I have unset the session variables and used session_destroy() function. In order to logout I am just using the link to my logout.php page. The link is as follows:
- Code: Select all
<a href='posts.php'>Home</a> || <a href='logout.php'>Logout</a>
And the logout.php page is as follows:
- Code: Select all
<?php
session_start();
unset($_SESSION['username']); //Unset the $_SESSION array value
/* unset($_SESSION['password']);
unset($_SESSION['user_id']); */
if (isset($_SESSION['username']))
{
$_SESSION['username'] = "";
}
/* if ( isset($password) )
{
@setcookie( "password", $password );
} */
session_unset();
session_destroy(); // Logout of the site
if(!isset($_SESSION["username"]))
{
echo 'You have successfully logged out!<br/>';
echo 'To enter again, please <a href="login.php">login!</a>';
exit;
}
?>
After logging out if i click the back button on my browser I am able to view the pages which should not be the case and also when I click on the login link, it logs me in without any prompt for the username and password. But when I clear the cache from my browser, it gives me the prompt for username and password upon clicking in the login link. So, basically the cache is not getting cleared when I log out but clearing the cache manually does the job. Please help me guys with this as am new to php programming! thanks in advance!.
Please put some light and help me on this!