Login script:session_start();
$admuserS = $_SESSION[user];
$admuserC = $_COOKIE[user];
$admuser = $admuserc? $admuserS : ($admuserC? $admuserC : false);
$loggedin = 0;
$msg = "";

if(!$admuser AND $_POST){
if($_POST[user]==$username && $_POST[pass]==$password){
$_SESSION[user] = $_POST[user];
setcookie("user", $_POST[user], time()+7200, "/", str_replace(".", "", $_SERVER[HTTP_SERVER_NAME]));
$loggedin = 1;
}else{
$msg = "Wrong username or password<hr>";
}

}
Logout Script:session_start ();
$_SESSION = array ();
if (isset ($_COOKIE[session_name ()]))
setcookie (session_name (), '', time () - 42000, '/');

@ session_write_close ();
@ session_unset ();
@ session_destroy ();//Fix IE Bug

@ header ('Location: ../index.php');

exit();

Problem with the above script:

If I put the login script in the header for several files, login any file and then launch other files will not require the login again, it will go straight to the logged in page.
By just clicking logout, it will log out, but if you type in the url again, it will still go straight to the logged in page without requiring logging username and password.
The page will be only expired until reach the 7200 time limit.
While in the logged in pages, if we close the browser or turned to outside pages, and then type in the url for the pages again, they will not require logging username and password.

What i want is by clicking logout and then will require logging username and password to go back to the page, and while in the logged in page, if we close the browser, or turned to other page, and then come back again, will require logging username and password again.

It looks to me like you aren't unsetting the user cookie :

setcookie("user", $_POST[user], time()-7200, "/", str_replace(".", "", $_SERVER[HTTP_SERVER_NAME]));

Try removing the "@"'s and see if the script error's.

setcookie("user", $_POST[user], time()-7200, "/", str_replace(".", "", $_SERVER[HTTP_SERVER_NAME]));If you change it to 7200, the page will be never expired.

I tried to remove the "@", but it's not working. Can anybody help me?

Hi
If the above one is not working, please try with another code. Many websites have code for login - logout.
http://www.worth2read.org/tutorials.php---- these codes worked for me.
Thanks

If you change it to 7200, the page will be never expired.

I tried to remove the "@", but it's not working. Can anybody help me?

What do you mean by not working?

@ sign suppresses error messages, so if you remove it and get an error message, then try to find the source of the error message (if you can't, post it on here and I'll try to figure it out) and correct it.

Your script looks like it should work.


Also, when unsetting a cookie you must set it with the exact parameters you set it with when you created it (except you change the + to a - on the expire time).

Cri2T, shall I use time()-7200 or time()+7200?

Cri2T, I did as you said, but it's still the same problem. Can anybody help me for this login and logout script?