I have two situation, currently I'm run my script from two different places with same script, first from localhost and second from website. The problem is when I run locally it logout successfully, it will redirect to index.php but why when I run at website it's not 100% working? The logout function is working but it's not redirect to index.php, It still appear the same page not index.php page.
My Logout Code as below:
<a href="<?php echo $logoutAction ?>">[Logout]</a>
My Session Code as below:
<?php
//initialize the session
if (!isset($_SESSION)) {
session_start();
}
// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
$logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
//to fully log out a visitor we need to clear the session varialbles
$_SESSION['MM_Username'] = NULL;
$_SESSION['MM_UserGroup'] = NULL;
$_SESSION['PrevUrl'] = NULL;
unset($_SESSION['MM_Username']);
unset($_SESSION['MM_UserGroup']);
unset($_SESSION['PrevUrl']);
$logoutGoTo = "index.php";
if ($logoutGoTo) {
header("Location: $logoutGoTo");
exit;
}
}
?>
Finally, I found it by myself, the simple code that I found is:
<?php
session_start(); //Start the current session
session_destroy(); //Destroy it! So we are logged out now
header("location:index.php?msg=logout");
?>
Anyway, thanks to all of you that want to try to help me. thanks so much!
You should use the full url when using a location header.
Assuming index.php is all you need to append to the host, try:
$logoutGoTo = 'http://' . $_SERVER['HTTP_HOST'] . '/index.php';
Read the notes about header()
Try it like this:
<?php
//initialize the session
session_start();
// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF'] . "?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
$logoutAction .= "&" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_GET['doLogout'])) &&($_GET['doLogout'] == "true")) {
//to fully log out a visitor we need to clear the session varialbles
// $_SESSION['MM_Username'] = NULL;
// $_SESSION['MM_UserGroup'] = NULL;
// $_SESSION['PrevUrl'] = NULL;
// the upper code makes no sense with the code below. just unset the vars, or use "session_destroy"
unset($_SESSION['MM_Username']);
unset($_SESSION['MM_UserGroup']);
unset($_SESSION['PrevUrl']);
$logoutGoTo = "index.php";
header("Location: index.php"); // or header("Location: " . $logoutGoTo)
// no reason checking if $logoutGoTo has any value, cause there's no changing in this code set
// do not use exit after header!
/*if ($logoutGoTo) {
exit;
}*/
}
?>
start new one and destroy old session , like following:
session_start();
session_destroy();
header("location:index.php?msg=logout");