다음 스크립트 PHP 로그 아웃

Question

로그 아웃 스크립트에 문제가 있습니다. 나는 세션을 없애거나 쿠키를 죽이려하고 있지만 멀리 가지 않을 것입니다.

<? 
session_start(); 
session_unset(); 
session_destroy(); 

header("location:home.php"); 
exit(); 
?> 

이 :

if (!isset($_SESSION['user_id'])) { 
    if (isset($_POST['submit'])) { 
     // Connect to the database 
     $dbc = mysqli_connect(DBHOST, DBUSER, DBPASS, DBNAME); 

     if ($dbc == null) { 
      $error_msg = '<br/>EROARE: conexiunea la baza de date a esuat<br/>'; 
     } 
     $error_msg = 'succes<br/>'; 

     // Grab the user-entered log-in data 
     $user_username = mysqli_real_escape_string($dbc, trim($_POST['username'])); 
     $user_username = PREG_REPLACE("/[^0-9a-zA-Z.-@_]/i", '', $user_username); 
     $user_password = mysqli_real_escape_string($dbc, trim($_POST['password'])); 
     $user_password = PREG_REPLACE("/[^0-9a-zA-Z]/i", '', $user_password); 

     if (!empty($user_username) && !empty($user_password)) 
     { 
      $query = "SELECT * FROM Admin WHERE username = '$user_username' AND password = SHA('$user_password')"; 
      $data = mysqli_query($dbc, $query); 
      if (mysqli_num_rows($data) == 1) { 
       // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page 
       $row = mysqli_fetch_array($data); 
       $_SESSION['admin_id'] = $row['id_client']; 
       $_SESSION['admin'] = $row['username']; 
       setcookie('id_admin', $row['id_admin'], time() + (60 * 60 * 24 * 2)); // expires in 30 days 

       $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/admin/index.php?admin='.$row['id_admin'].'&cat=index'; 
       header('Location: ' . $home_url); 

       //==================LOGGING THE INFORMATION 
       $fp = @fopen ($jurnal, "a"); 
       if ($fp == NULL) { 
        echo 'EROARE - nu a fost posibila deschiderea fisierului jurnal!'; 
        exit(); 
       } 
       //exclusive lock 
       lock ($fp); 
       //Writing information into the index_upload file 
       $submitdate = date('l jS \of F Y h:i:s A'); 
       $utilizator = $_SESSION['username']; 
       $adresa = $_SERVER['REMOTE_ADDR']; 
       fwrite ($fp, "========================================\r\n"); 
       fwrite ($fp, "LOGIN OK\r\n"); 
       fwrite ($fp, "Utilizator: $utilizator\r\n"); 
       fwrite ($fp, "Conexiune de la adresa IP: $adresa\r\n"); 
       fwrite ($fp, "Data: $submitdate\r\n"); 
       fwrite ($fp, "\r\n"); 
       // Unlock the file, this is the same as flock($fp, LOCK_UN); 
       unlock ($fp); 
       @fclose ($fp); 
       ///////////////////////////////////////////////////////////////////////////// 


      } 
      else { 

      } 
     } 
     else { 
      // The username/password are incorrect so set an error message 
      $error_msg = 'EROARE: pentru autentificare aveti nevoie de un nume de utilizator si o parola valide!'; 
     } 
    } 
    else { 
     // The username/password weren't entered so set an error message 
     $error_msg = 'EROARE: pentru a va putea autentifica in sistem, va rugam introduceti un nume de utilizator si o parola!'; 
    } 
} 

나는이 tryed 다음 코드를 파괴한다 session_destroy()에 대한 PHP 매뉴얼에 따르면

<?php 
    setcookie('id_admin', '', time()-60*60*24*2); 
?> 

Answer 1

을 $ _SESSION :

할

<?php 
// Initialize the session. 
// If you are using session_name("something"), don't forget it now! 
session_start(); 

// Unset all of the session variables. 
$_SESSION = array(); 

// If it's desired to kill the session, also delete the session cookie. 
// Note: This will destroy the session, and not just the session data! 
if (ini_get("session.use_cookies")) { 
    $params = session_get_cookie_params(); 
    setcookie(session_name(), '', time() - 42000, 
     $params["path"], $params["domain"], 
     $params["secure"], $params["httponly"] 
    ); 
} 

// Finally, destroy the session. 
session_destroy(); 
?>