Fix logout issue for kaur level: improve session destruction in logout.php and capture href before async in confirmLogout

2026-01-22 16:16:17 +08:00
parent cfa09f6837
commit 8269494306
2 changed files with 27 additions and 5 deletions
--- a/index.php
+++ b/index.php
@@ -801,6 +801,7 @@

        function confirmLogout(event) {
            event.preventDefault();
+            var logoutUrl = event.currentTarget.href;
            Swal.fire({
                title: 'Konfirmasi Logout',
                text: 'Apakah Anda yakin akan keluar dari sistem?',
@@ -812,7 +813,7 @@
                cancelButtonText: 'Batal'
            }).then((result) => {
                if (result.isConfirmed) {
-                    window.location.href = event.currentTarget.href;
+                    window.location.href = logoutUrl;
                }
            });
        }
--- a/logout.php
+++ b/logout.php
@@ -1,4 +1,25 @@
-<?php
-    session_start();
-    session_destroy();
-    echo "<script>location='login.php'</script>";
+<?php
+    // Start session if not already started
+    if (session_status() === PHP_SESSION_NONE) {
+        session_start();
+    }
+    
+    // Clear all session variables
+    $_SESSION = array();
+    
+    // If it's desired to kill the session, also delete the session cookie
+    if (ini_get("session.use_cookies")) {
+        $params = session_get_cookie_params();
+        setcookie(session_name(), '', time() - 42000,
+            $params["path"], $params["domain"],
+            $params["secure"], $params["httponly"]
+        );
+    }
+    
+    // Finally, destroy the session
+    session_destroy();
+    
+    // Redirect to login page using PHP header first
+    header("Location: login.php");
+    exit();
+?>