I have this login validation :
public function login_validation() {
$this->load->library('form_validation');
$this->form_validation->set_rules('email','Email',
'required|trim|callback_validate_credentials');
$this->form_validation->set_rules('password','Password','required|md5|trim');
if ($this->form_validation->run()){
$data= array(
'email'=> $this->input->post('email'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('Pag');
}else {
$this->load->view('login');
}
}
This redirect :
public function members() {
if($this->session->userdata('is_logged_in')){
redirect('Pag');
}else{
redirect('main/restricted');
}
}
And this log out:
public function logout() {
$this->session->unset_userdata('is_logged_in');
$this->session->sess_destroy();
redirect('main/login');
}
But when I press Logout from my page I will get redirected to the login tab, but if I write the URL route with /Pag I will get again on the site (without the need to type the credentials), I think that sess_destroy don't actually destroy my session.
some server have issue(logout issue with www and withought www). You need to use 301 redirect. I managed by this In your .htaccess file put this code
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]