i have this website that maintains users and their profiles, once user logs in, he sees this button to logout.
<a href="<?php echo PSF::urlFor('logout');?>" class="link" id="position">Logout</a>
this goes into this function
else if($page == 'logout')//when logout occures
{
PSF::userLogout(true);
/**
* Need to remove twitter session too.
*/
if(isset($_SESSION['tw_access_token'])){
unset($_SESSION['tw_access_token']);
}
PSF::redirectTo('default_home');
}
it logs user out and redirects to homepage, and the PSF::userlogout function looks something like this
final static public function userLogout($compleLogout = false)
{
if (empty(self::$_userStack))
{
return false;
}
if ($compleLogout)
{
self::$_userStack = array();
self::requestRemoveCookie('PSF_CookieLogin');
}
else
{
array_pop(self::$_userStack);
}
self::userFlushCache();
return PSF::sessionSet('__PSF_SYSTEM_CurrentUser_Stack', self::$_userStack);
}
it is getting current user which is using the browser, and destroys their session and cookies and logs them out successfully BUT from the current browser only, if i open the same account on multiple browsers parallel, it only ends the session on one browser and continues to be logged in on the other browser. i thought removing the session and cookies will destroy the session everywhere and user will be logged out of every other device, is there any additional setting i need to set? or am i missing something?