/** * Function for user to Log-out. * @param \phpsec\User $userObj The user object of the user that needs to log out */ public static function logOut($userObj) { if ($userObj->checkRememberMe() === $userObj->getUserID()) { User::deleteAuthenticationToken(); //delete the authentication token from the server and the user's browser } if (file_exists(__DIR__ . "/../session/session.php")) { require_once __DIR__ . "/../session/session.php"; //If session library is present, then delete session from the server as well as user's browser $tempSession = new Session(); $tempSession->existingSession(); $tempSession->destroySession(); } }
/** * Function to check if previous sessionIDs can be revived if their expiry time has not passed. */ public function testExistingSession() { $_COOKIE['SESSIONID'] = $this->session[0]->getSessionID(); //imitate the cookie variable because phpunit can't set cookies in browser. $myNewSession = new Session(); $sessionID1 = $myNewSession->existingSession(); $experiment1 = $sessionID1 == $this->session[0]->getSessionID(); //Since session not expired, the old and the new session, both must be same. time("SET", time() + 86400 * 100); //set time to some distant future time so that the session will expire try { $sessionID2 = $myNewSession->existingSession(); } catch (SessionExpired $e) { $experiment2 = TRUE; $this->assertTrue($experiment1 && $experiment2); } }