PAGES THAT REMEMBER: SIMPLE LOGIN AND MULTIPAGE FORMS (Http web server)
PAGES THAT REMEMBER: SIMPLE LOGIN AND MULTIPAGE FORMS Destroying a session By itself, unsetting all the session variables effectively prevents any of the information from being reused, but you should also invalidate the session cookie like this: if (isset($_COOKIE[session_name()])) { setcookie(session_name(), ‘’, time()-86400, ‘/’); } This uses the function session_name() to get the name of the session dynamically, and resets the session cookie to an empty string and to expire 24 hours ago (86400 is the number of seconds in a day). The final argument (’/') applies the cookie to the whole domain. Finally, destroy the session with the following command: session_destroy(); By destroying a session like this, there is no risk of an unauthorized person gaining access either to a restricted part of the site or to any information exchanged during the session. However, a visitor may forget to log out, so it s not always possible to guarantee that the session_destroy() command will be triggered, which is why it s so important not to store sensitive information in a session variable. You may find session_register() and session_unregister() in old scripts. These functions are deprecated. Use $_SESSION[’variable_name’] and unset($_SESSION[’variable_name’]) instead. The Headers already sent error Although using PHP sessions is very easy, there s one problem that causes beginners a great deal of head banging. Instead of everything working the way you expect, you see the following message: Warning: Cannot add header information - headers already sent I ve mentioned this problem several times before in conjunction with the header() func tion. It affects session_start() and setcookie() as well. In the case of session_start(), the solution is simple: make sure that you put it immediately after the opening PHP tag (or very soon thereafter), and check that there s no whitespace before the opening tag. Some Mac users say they get the problem even if there is no whitespace ahead of the PHP tag. This is usually caused by editing software inserting an invisible control character at the beginning of the script. If this happens to you, try a different script editor. When using setcookie() to destroy the session cookie, though, it s quite likely that you may need to send output to the browser before calling the function. In this case, PHP lets you save the output in a buffer using ob_start(). You then flush the buffer with ob_end_flush() after setcookie() has done its job. I ll show you how to do this in PHP Solution 9-2. 237
We recommend high quality webhost to host and run your jsp application: christian web host services.