phpBB logout

Question

I am able to login with an integrated login system for my site and phpBB3. I am unable to

logout... I tried destroying the session, or used ->logout();

I log in as:

    $phpBBusername = $_SESSION['username'];

    $phpBBpassword = $_SESSION['pswd'];

    $result = $auth->login($phpBBusername, $phpBBpassword);

Answer 1

Maybe you've already found the answer but anyway:

<?php
   define('IN_PHPBB', true);
   $phpbb_root_path = '../phpBB3/';
   $phpEx = substr(strrchr(__FILE__, '.'), 1);
   include("../phpBB3/common.php");

   $user->session_kill();
   echo 'Logged out successfully!';
?>

Answer 2

public function myphpbb_logout()
{
    define('IN_PHPBB', true);
    global $phpEx, $user, $db, $config, $cache, $template;
    $phpEx = 'php';
    $phpbb_root_path = ('.\/forum\/');
    require_once($phpbb_root_path . 'common.php');
    set_include_path(get_include_path.PATH_SEPARATOR.$phpbb_root_path);

    //logout user
    $user->session_kill();
    $user->session_begin();
    $user->session_kill();
}

Note you need to kill the session TWICE :)

Answer 3

Why not call the PHPBB log out routine and pass your session ID. ie: forums.yourphpbbforum.com/ucp.php?mode=logout&sid=d8588ab20cf81e7234342523

Answer 4

Observe the following code for effecting a full clearing down of the PHP session and associated cookie information:

<?php

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Finally, destroy the session.
session_destroy();
?>

This should do what you need.