Password problem

[Elmserv]

I have two identical web areas
The initial screen asks for username & password (on both)

On the development area the computer has started to "remember" the password.

This is my accounts & I often work on site then generate the invoice using any computer that has access to the web & a printer.

When I have finished I logout which destroys the session.

I assume I am getting a cookie & I need to overwrite it on logout to prevent any security breaches.


Richard

 

[jpadie]

you're not giving us a lot to go on...

to log out of a sessions based login system you might try the following:

function logout(){
 if (session_name =="") {session_start();} //if the session is not started, then start it
 $_SESSION = array(); //delete the data in the session array
 session_destroy;  // destroy the session in memory
 setcookie(session_name(), '', time()-3600, '/'); //remove the session_id stored in the session cookie on the client machine
}

 

[Elmserv]

Hi I wasn't too far away, was I !!

<?php
if(session_id() == "") {session_start(); } 
session_destroy();
$redirecturl = "../index.php";
header("Location: $redirecturl");
?>

 

[jpadie]

not too far !

 

[Elmserv]

Thanks for your help. Another couple of years & I might get the hang of it


Regards


Richard