Mattydor

Actually, am I being stupid. I'm literally just adding 'session_start();' to each page. nothing more. Is there anything else I should add?

Sorry, I'm not sure I know what you mean. When I log in, it redirects to loggedin.php and the link in header.html changes to 'LOGOUT', so I assumed I was logged in. The only extra code I added to the other pages was session_start(); at the top of each page. I have also added echo session_id(); to all the pages and the session cookie is always present (even after logging out). I'm following the book exactly, as far as I can tell.

Hi all I've been tearing my hair out with this for too long so I'm asking for help. I've been working through the book and everything is going well until this chapter. I believe I have created the sessions as I should. I can log in and out and I've added session_start(); to every page that needs to be restricted by login (password.php, view_users.php, etc). Yet, when I log out I can still view the pages. Is there nothing else I should add to the pages for them to work? No include for login_functions.inc.php, for example? I'm new to this (did you guess?) so I may be missing something so obvious that it wasn't thought worth mentioning. The only mention of how to make the other pages work is this on page 354, as far as I can see: " For the Login/Logout links to work on the other pages (register.php, index.php, etc.), you’ll need to add the session_start() command to each of those. " Thanks for any help you can give me. Mat