logout not destroying variables

Account.php

<?php session_start(); ?><html xmlns="http://www.w3.org/1999/xhtml">  <head>  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />  <LINK href="includes/css/style.css" rel="stylesheet" type="text/css"><title>Account Dashboard</title>  </head>  <body><?phpinclude('header.php');
include('dbsettings.php');
include('navbar	.php');

$con = mysql_connect("$host","$user","$password");  if (!$con)    {    die('Could not connect: ' . mysql_error());    }  
mysql_select_db("$db_name", $con);  $username= $_SESSION['username']; // Editted 
$sql="SELECT * FROM `user` WHERE `username`='{$username}'";  
$result = mysql_query("$sql");  ?><div class= "accountsummary"><?phpif($row = mysql_fetch_array($result)){
        $_SESSION['id'] = $row['id'];         $_SESSION['firstname'] = $row['firstname'];         $_SESSION['lastname'] = $row['lastname'];         $_SESSION['address'] = $row['address'];echo "ID:";       echo $_SESSION['id'];echo "<BR />";echo "First Name:"; echo $_SESSION['firstname'];echo "<BR />";echo "Last Name:"; echo $_SESSION['lastname'];echo "<BR />";echo "Address:"; echo $_SESSION['address'];

    } if($_SESSION['id']== ''){  echo '<META HTTP-EQUIV="Refresh" Content="0; URL=login.php">';    exit; }   
  ?>  </div>    <p class="logout">  <a href=logout.php>Logout</a>  </p>    <p style="position: absolute; top: 100px; left: 230px; background-color: white; margin: 15px; "> Welcome, <?php echo "$username"; ?> </p>  <?php
mysql_close($con); include('footer.php') ?>

</body>  </html>

PHP:

logout.php

<?phpsession_start();
if(session_start())
{  session_destroy();}
header("location: login.php");?>

PHP:

 

http://php.net/manual/en/function.session-destroy.php

From the manual:
[session_destroy()] does not unset any of the global variables associated with the session, or unset the session cookie.

Look at example #1, exactly what you need.

 

Already tried that did not work

 

Unset each one individually:

<?php
    unset($_SESSION['id']);
    //etc.
?>

PHP:

 

I tried that, yet no luck.

 

<?php
session_start();
unset($_SESSION['id']);

//or

$_SESSION['id']=false;
session_destroy();
unset($_SESSION['id']);

PHP:

 

session_destroy(); is not really the answer in logging-out your user, maybe setting the $_SESSION to a blank array may be an answer..

$_SESSION = array();

 

Even while using global $_SESSION array you first need to initialize sessions.

<?php
session_start();
#here second call to session_start doesn't make sense and would probably issue warning and return false always
session_destroy();
header("location: login.php"); 

#if using php5 remove last ending tags to prevent any extra output after closing tags
?>

PHP:

or

<?php
session_start();

unset($_SESSION['id']); #this one was right too
header("location: login.php"); 

#if using php5 remove last ending tags to prevent any extra output after closing tags
?>

PHP:

Ty it and let me know.

regards

 

I always used this and it never failed me:

<?php
session_start();
ob_start();
session_destroy();
header("location: main.php");
?>

Code (markup):