Modx Pagelocker註銷

Question

我做了一個由Pagelocker鎖定的頁面。這工作完美，但現在我需要一個註銷鏈接/按鈕。所以我做了一個鏈接，鏈接到一個logout.php。 在這個logout.php有以下代碼：

<?php 
    session_start(); 
    unset($_SESSION); 
    session_destroy(); 
    session_write_close(); 
    header("Location: /login.html"); 
    die; 
    exit; 
?> 

它重定向我登錄，但是當我手動去保護的頁面是沒有登錄時顯示。 它是用來保護頁面並啓動會話的代碼是：

<?php 
/** 
* 
* PageLocker 
* 
* Simple front-end password protection for individual or groups of pages. 
* 
* @ author Aaron Ladage (mods by Bob Ray) 
* @ version 1.1.0-beta1 - June 21, 2012 
* 
* PLUGIN PROPERTIES 
* &tvPassword - (Required) The TV for the password (default: 'pagePassword') 
* &tvPasswordGroup - The TV for the password group (default: 'pagePasswordGroup'). Not required, but a good idea, unless you want all password-protected pages to be accessible with the same password. 
* &formResourceID - (Required) The ID of the password form page (no default set, but absolutely necessary -- the plugin will not work without it) 
* 
**/ 
/* @var $modx modX */ 
/* @var $scriptProperties array */ 
if (!function_exists("toForm")) { 
    /* Show Login form */ 
    function toForm($resourceId) { 
     global $modx; 
     unset($_SESSION['password']); // make sure password is not still set 
     if ($modx->resource->get('id') != $resourceId) { // prevent infinite loop 
      $modx->sendForward($resourceId); 
     } 
    } 
} 
// Get the default plugin properties 
$tvPassword = $modx->getOption('tvPassword',$scriptProperties,'pagePassword'); 
$tvPasswordGroup = $modx->getOption('tvPasswordGroup',$scriptProperties,'pagePasswordGroup'); 
$formResourceID = $modx->getOption('formResourceID', $scriptProperties); 
// Get the password and password group values from the page's template variables 
$resourcePW = $modx->resource->getTVValue($tvPassword); 
$resourceGroup = $modx->resource->getTVValue($tvPasswordGroup); 
/* Do nothing if page is not password-protected, or the form page is not set in the properties */ 
if ((empty($resourcePW)) || (empty($formResourceID))) { 
    return; 
} 
// Set additional defaults 
$resourceGroup = empty($resourceGroup) ? 0 : $resourceGroup; 
$groups = isset($_SESSION['groups'])? $modx->fromJSON($_SESSION['groups']) : array(); 
/* Get and sanitize the password submitted by the user (if any) */ 
$userPW = isset($_POST['password'])? filter_var($_POST['password'], FILTER_SANITIZE_STRING) : ''; 
if (!empty($userPW)) { /* Form was submitted */ 
    if ($userPW == $resourcePW) { /* password matches the page's password */ 
     /* Set the logged in and groups session */ 
     $_SESSION['loggedin'] = 1; 
     if (! in_array($resourceGroup, $groups)) { 
      $groups[] = $resourceGroup; 
      $groupsJSON = $modx->toJSON($groups); 
      $_SESSION['groups'] = $groupsJSON; 
     } 
     return; 
    } else { // Doesn't match. Back to the form! 
     toForm($formResourceID);  
    } 
} else { // Form wasn't submitted, so check for logged in and groups sessions 
    if (empty($groups) || ! isset($_SESSION['loggedin']) || (! $_SESSION['loggedin'] === 1) || (! in_array($resourceGroup, $groups))) { 
     toForm($formResourceID); 
    } 
} 

我真的需要幫助這一點。

Answer 1

正如文檔中所述，除了打電話給session_destroy以完全消除會話之外，還有一點需要完成。

if (ini_get("session.use_cookies")) { 
    $params = session_get_cookie_params(); 
    setcookie(
     session_name(), 
     '', 
     time() - 42000, 
     $params["path"], $params["domain"], 
     $params["secure"], $params["httponly"] 
    ); 
} 

session_destroy();