Sessions not being destroyed when attempting to logout

Hello,

The logout page that Security Assist automatically created has got the usual:

<?php
@session_start();
if ("" == ""){
// WA_ClearSession
$clearAll = TRUE;
$clearThese = explode(",","");
if($clearAll){
foreach ($_SESSION as $key => $value){
unset($_SESSION[$key]);
}
}
else{
foreach($clearThese as $value){
unset($_SESSION[$value]);
}
}
}
?>

as its coding. This suddenly did not seem to be working so I added the underneath to the logout page:

<?php
session_destroy();
?>

Sessions do not seem, however, to be being destroyed.

The login page of course has an auto-redirect "Redirect.php" page to which people are sent on a successful log in.

But when someone now logs out; and then clicks a link upon that logout page that takes them to the login page so they can lre-og in, then they are instead treated as if still logged in. Sessions do not seem to have been destroyhed. And not only that, they are auto-redirected to the above "Redirect Page". So they are being treated precisely as if they have done a successful login.

I give the URL details in the private area.

Further additions of the underneath coding have not fixed the problem.

I have also tried shutting down the laptop and restarting. Still does not destroy session. So I now have a most stubborn user that remains permanengly signed in, and that I could not remove.

The only way I could sign in a different user was to:

use the exit function so it left a clickable link on the logout page;

and then to go to the login page and comment out lines as follows:

**************
// $Authenticate->RememberMe = (isset($_POST["Log_In_group_3_Remember_my_information"]));
// $Authenticate->SaveLogin = (isset($_POST["Log_In_group_4_Log_me_in_automatically"]));
// $Authenticate->AutoLogin = true;
// $Authenticate->AutoReturn = true;
// $SuccessRedirect = "presenters_switchboard.php";
$FailedRedirect = "presenters_login.php?failedLogin=1";
// $Authenticate->SuccessRedirect = $SuccessRedirect;
// $Authenticate->FailRedirect = $FailedRedirect;
***********

I could then click to go to the login page which did now not automatically redirect me.
I could then sign in a new user, but that new user got the message on the login page that he or she was already signed in. But at least I had a new user!!

Here is the added code that seems to be serving no purpose on the logout page.
At least my Presenters can appear to themselves to be signing out and then in again.

Thank you for your help.

****************
<?php
session_start();
$_SESSION['insert_check'] = null;
$_SESSION['currentclass'] = null;
$_SESSION['SecurityAssist_ID'] = null;
$_SESSION = array();
session_destroy();
?>
<?php
$exitmessage = "<p style=\"text-align: center; margin-left: 40%; margin-right: 40%; \">You have successfully logged out.<br />Thank you for visiting.<br /></p><a href=\"presenters_login.php\" class=\"button fit primary\" style=\"text-align: center; \">press to return to presenters' login page</a>";
session_start();
unset($_SESSION['insert_check']);
unset($_SESSION['currentclass']);
unset($_SESSION['SecurityAssist_ID']);
exit($exitmessage);

?>

Give me a call and we can discuss. It appears to be working for me now. It looks like the issue was with the auto-login feature that was automatically logging you in.

Hello,

Thank you.

It no longer seems to be automatically logging in.
But a remaining issue is that when I log out and try to log in again, I always get the message that I am already logged in.

I am happy to call you and will try doing so in the morning tomorrow, if you are available. Thank you.

Give me a call and we can go through it and get it working how you want.

This is just to thank you most sincerely for the kindness and assistance you gave me about a week ago.