tags:

views:

367

answers:

5
+2  Q: 

PHP session problems

I am using the following code to invalidate the session. I have linked to logout.php in many pages. If that logout link is clicked the logout.php page is called. The following is the code in logout.php.

unset($_SESSION['admin']);
session_destroy();
header('Location: index.php');

Once the session is invalidated I want to open the page index.php. But I am geting the following error:

Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in C:\xampp\htdocs\Selection\logout.php on line 3

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\Selection\logout.php:3) in C:\xampp\htdocs\Selection\logout.php on line 4

What is wrong?

+5  A: 

I think that you don't have called the session_start() function before destroy the session.

mck89  2009-08-30 13:29:17
Why ever downvoted, he's right.
BeowulfOF  2009-08-30 13:32:36
Thanks...anyway the session_start() must be called at the begin of the script.
mck89  2009-08-30 13:34:08
+4  A: 

You`ll need to call session_start() on top of the page to remind php that this pagecall belongs to the session. - At least PHP manual tells that.

The notes on that manual page give hint, that session_unset() is only to be used in older environments that are not using $_SESSION variable.

BeowulfOF  2009-08-30 13:29:50
well it's a good thing that he's not using `session_unset()` then...
nickf  2009-08-30 13:32:34
@nickf: correct, did not recognize correctly
BeowulfOF  2009-08-30 16:51:26
+1  A: 

You have to open the session first:

header('Location: index.php');
session_start();
session_unset();
session_destroy();
rodrigoap  2009-08-30 13:31:36
I think that the redirection must be placed at the end, because writing the code like this the script does the redirection and doesn't execute the other functions
mck89  2009-08-30 13:35:56
No, it works as expected.
rodrigoap  2009-08-30 14:04:48
It only works as expected because the script still finishes execution after the header is sent. However you should place the header after the session is destroyed to lessen the confusion of the code.
MitMaro  2009-08-30 19:15:22
A: 

The problem is that you can't destroy a session which hasn't been started. That is then raising a warning which is being echoed to the browser. The next problem is that you can't send headers after there's been output to the browser, so it raises another warning.

You just need to check if a session exists first:

if (session_name() != '') {
    session_destroy();
}
nickf  2009-08-30 13:31:56
A: 

You must ALWAYS use session_start(); BEFORE using a session function/variable. So start all PHP files with session_start();. Also logout.php:

session_start();
session_destroy();
header('Location: index.php');

You also don't need to unset it.

Time Machine  2009-08-30 13:34:24

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases