Posted by axlq on 07/31/06 06:05

In article <538cd$44cd10c7$8259c69c$28897@news2.tudelft.nl>,
Rik <luiheidsgoeroe@hotmail.com> wrote:
>Hmmm, when I
>
>file1.php
><?
>session_name('check_name');
>session_start();
>$_SESSION['var1'] = 'something';
>?>
>
>file2.php
>
><?php
>session_name('check_name');
>session_start();
>$_SESSION = array();
>setcookie(session_name(),'',time()-3600,'/');
>session_destroy();
>?>
>
>There doesn't appear a 'sess_deleted' file.

Do you access file1.php and file2.php from your browser, and keep your
browser open? Does your session cookie have the value 'deleted'?

According to the documentation at
http://www.php.net/manual/en/ref.session.php I'm not the only one
who sees a sess_deleted file when terminating a session. Maybe it's
an Apache thing for my ISP's particular configuration of the server.

>Allthough you have a workaround now, could you maybe post you total
>logout script (for I still think there's the error) and not just
>the excerpt? Otherwise, it will haunt me for days :-)

No problem, but it's several files. I think you might have a server
configuration that simply won't create a sess_deleted file.

logout.php:
====================================================================
<?php
require_once('class_lib/class.setup.php');

$CookieInfo = session_get_cookie_params();
$_SESSION = array(); // unset all session values

if ((empty($CookieInfo['domain'])) && (empty($CookieInfo['secure'])))
setcookie(session_name(), '', time()-3600, $CookieInfo['path']);
elseif (empty($CookieInfo['secure']))
setcookie(session_name(), '', time()-3600, $CookieInfo['path'],
$CookieInfo['domain']);
else
setcookie(session_name(), '', time()-3600, $CookieInfo['path'],
$CookieInfo['domain'], $CookieInfo['secure']);
unset($_COOKIE[session_name()]);
session_destroy();
header("Location: ".WWW_PATH."index.php");
?>
====================================================================

That big 'if' statement above to delete the session cookie is
lifted directly from the example at the bottom of this page:
http://us3.php.net/manual/en/function.session-destroy.php

class_lib/class.setup.php contains the following at the beginning; the
rest is smarty template manager setup needed by all scripts except
logout.php, so that stuff isn't relevant.

class_lib/class.setup.php:
====================================================================
<?php
// configs.php defines PROG_PATH, WWW_PATH, and a bunch of other stuff
require_once('/home/mydomain/public_html/configs.php');

session_save_path(PROG_PATH."/lists");
session_name('login_settings');
session_start();
if (session_id() == 'deleted') session_regenerate_id(true);

/* smarty setup class and isLoggedOn() function goes here... */
?>
====================================================================

-Alex

• Next in forum: Re: _SESSION weirdness behind a NAT firewall/router: bug?
• Prev in forum: Error in Converting GIF Image to Black & White
• Thread view: Re: _SESSION weirdness behind a NAT firewall/router: bug?

[Reply to this message]