My session is not being destroyed -PHP-

0

I have the following code on a usury login page:

  public static function destruirSessao() {
     if (isset($_SESSION)) {
        session_start();
        unset($_SESSION["codigo"]);
        unset($_SESSION["nome"]);
        session_destroy();
       }

  }

in the index.php page:

if (!thread::getUsuarioAtivo()) {
 header("location: login.php");
 } else {
 ?>
   Código HTML/ conteúdo da página
 <?php } ?>

Even setting the Session_destroy, it still remains, and then I am able to type the url: index.php and enter the last person session, how can I solve it? are there any logic errors in the code?

The Logout link is on the index page:

     <a href="endSess.php?act=logout" ></a>

that calls another page that logs out, this logout page has the code

      $verif = $_GET['act'];
        if ($verif == "logout") {
        thread::destruirSessao();         
        header('Location: login.php');
      }
    
asked by anonymous 12.04.2018 / 14:30

1 answer

3

We have a logic error there. See that you first check if the session exists and then initialize it. Since you did not start it, it will never get into the IF to be destroyed. Put the session_start () outside the IF and post the result, please.

public static function destruirSessao() {
   session_start();
   if (isset($_SESSION)) {
       unset($_SESSION["codigo"]);
       unset($_SESSION["nome"]);
       session_destroy();
   }
}
    
12.04.2018 / 14:49