I have this login validation :
public function login_validation() {
$this->load->library('form_validation');
$this->form_validation->set_rules('email','Email',
'required|trim|callback_validate_credentials');
$this->form_validation->set_rules('password','Password','required|md5|trim');
if ($this->form_validation->run()){
$data= array(
'email'=> $this->input->post('email'),
'is_logged_in' => true
);
$this->session->set_userdata($data);
redirect('Pag');
}else {
$this->load->view('login');
}
}
This redirect :
public function members() {
if($this->session->userdata('is_logged_in')){
redirect('Pag');
}else{
redirect('main/restricted');
}
}
And this log out:
public function logout() {
$this->session->unset_userdata('is_logged_in');
$this->session->sess_destroy();
redirect('main/login');
}
But when I press Logout from my page I will get redirected to the login tab, but if I write the URL route with /Pag I will get again on the site (without the need to type the credentials), I think that sess_destroy
don't actually destroy my session.