Help with handling a closing of a PHP session

Navigation
0

Guys, I have the following case:
To start session in PHP I do the following: 

<?php
session_cache_limiter('private');
session_start();

and to close the session I do the following: 

<?php
if (isset($_GET['logout'])) {
    session_destroy();
    unset($_SESSION['user']);
  header("location: login.php");
  exit;
}

The close session button I do it with a link to ?logout=1

But it happens to me that if I open the session with user A and leave that session and enter the session of user B the browser is loaded with data from < strong> user A and in fact shows me this data until I make an F5 in the browser and updates and loads the data of user B
There is a way in the few lines that I have presented to completely destroy the data (cookies, cache, etc etc) of the user of the previous session.

    
asked by Jose M Herrera V 20.11.2018 в 16:30
source

1 answer

0

is because the variables are recorded in a coockie, so you must eliminate it too.
Modify your session destroy and add the option to delete said coockie. if you could check in the developer tools - > Storage. You will find that each time you make a session this creates the cookie, so you must destroy it. for more security.

Destroy session 

    function logout() {     
    unset($_SESSION);     
    $datos_cookie = session_get_cookie_params();     
    setcookie(session_name(), NULL, time()-999999, $datos_cookie["path"], 
    $datos_cookie["domain"], 
    $datos_cookie["secure"],               
    $datos_cookie["httponly"]);     
     // DIRECCIONA A TU PAGINA
    }

I hope I have helped you.

    
answered by 20.11.2018 в 16:41
Error uploading a file in PHP MYSQL compare all the rows of a table by itself