What is the common issue with PHP sessions not being destroyed properly after logout?

The common issue with PHP sessions not being destroyed properly after logout is that the session cookie is not being unset. To solve this issue, you need to unset the session cookie and destroy the session data upon logout.

// Start the session
session_start();

// Unset all session variables
$_SESSION = array();

// Destroy the session
session_destroy();

// Unset the session cookie
if (ini_get(&quot;session.use_cookies&quot;)) {
    $params = session_get_cookie_params();
    setcookie(session_name(), &#039;&#039;, time() - 42000,
        $params[&quot;path&quot;], $params[&quot;domain&quot;],
        $params[&quot;secure&quot;], $params[&quot;httponly&quot;]
    );
}

// Redirect to the login page
header(&quot;Location: login.php&quot;);
exit();

Keywords

PHP sessions logout session_destroy session_unset session cookie

What is the common issue with PHP sessions not being destroyed properly after logout?

Keywords

Related Questions