I am trying to exit my page, but session_destroy and setting cookies do not work. Here is my code:
$page = $_GET["page"];
if ($page == "logout") {
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
session_destroy();
echo <<<html
<br /><br /><br /><p align="center"><b><font color="#000080">You've successfully logged out.</font></b></p>
<p align="right"><b><font size="3" color="#FF0000">Redirecting...</font></b></td>
html;
echo ("<META HTTP-EQUIV=Refresh CONTENT=\"4; URL=index.php\">");
exit ();
But it doesn’t work - the session is not destroyed, and the cookies remain the same. I also tried just setting the cookie to a different value without success. Other parts of the code create cookies, access and their use, but in terms of logging out, I can’t destroy them. Can someone tell me what's wrong here? Should cookies and sessions be set / disabled / destroyed at the top of the page, for example session_start? Or is something else wrong?
source
share