Почему когда я перезагружаю страницу ничего не происходит?

Question

[fapchat]

The first time you navigate from authenticate2.php to continue.php, it will display all
the session variables. But, because of the call to destroy_session_and_data , if you
then click your browser’s Reload button, the session will have been destroyed and
you’ll be prompted to return to the login page.

Когда вообще нужно нажимать на browser’s Reload button, чтобы меня попросили вернуться на страницу логина.

authenticate2.php

<?php // authenticate2.php
require_once 'login.php';
$connection = new mysqli($hn, $un, $pw, $db);
if ($connection->connect_error) {
    die("Fatal Error");
}
if (isset($_SERVER['PHP_AUTH_USER']) &&
isset($_SERVER['PHP_AUTH_PW'])) {
    $un_temp = mysql_entities_fix_string($connection, $_SERVER['PHP_AUTH_USER']);
    $pw_temp = mysql_entities_fix_string($connection, $_SERVER['PHP_AUTH_PW']);
    $query = "SELECT * FROM users WHERE username='$un_temp'";
    $result = $connection->query($query);
    if (!$result) {
        die("User not found");
    } elseif ($result->num_rows) {
        $row = $result->fetch_array(MYSQLI_NUM);
        $result->close();
        if (password_verify($pw_temp, $row[3])) {
            session_start();
            $_SESSION['forename'] = $row[0];
            $_SESSION['surname'] = $row[1];
            echo htmlspecialchars("$row[0] $row[1] : Hi $row[0],
you are now logged in as '$row[2]'");
            die("<p><a href='continue.php'>Click here to continue</a></p>");
        } else {
            die("Invalid username/password combination");
        }
    } else {
        die("Invalid username/password combination");
    }
} else {
    header('WWW-Authenticate: Basic realm="Restricted Area"');
    header('HTTP/1.0 401 Unauthorized');
    die("Please enter your username and password");
}
$connection->close();

function mysql_entities_fix_string($connection, $string)
{
    return htmlentities(mysql_fix_string($connection, $string));
}

function mysql_fix_string($connection, $string)
{
    if (get_magic_quotes_gpc()) {
        $string = stripslashes($string);
    }
    return $connection->real_escape_string($string);
}

continue.php

<?php
session_start();
if (isset($_SESSION['username'])) {
    $forename = $_SESSION['forename'];
    $surname = $_SESSION['surname'];
    destroy_session_and_data();
    echo htmlspecialchars("Welcome back $forename.<br>
    Your full name is $forename $surname.");
} else {
    echo "Please <a href='authenticate2.php'>click here</a> to log in.";
}
function destroy_session_and_data()
{
    $_SESSION = array();
    setcookie(session_name(), '', time() - 2592000, '/');
    session_destroy();
}

Comments

[ozornick]

Там же написано все. При первом переходе на auth вы войдёте. Нажав кнопку continue покажется сообщение welcome.. и вы разлогинитесь. Все

[Maxim Gantsev]

Т.е вы не видите ничего странного, в этом блоке?

if (isset($_SESSION['username'])) {
$forename = $_SESSION['forename'];
$surname = $_SESSION['surname'];
destroy_session_and_data();
echo htmlspecialchars("Welcome back $forename.

Your full name is $forename $surname.");
}