I am trying to develop a logout that will  destroy the auto login feature
for someone who is already online. Right now the authentication uses  an
ipaddress
>      $sql=sprintf("select userid from sessions where
>> ipaddress=\"$REMOTE_ADDR\"",$con);
>>       $res=mysql_query($sql,$con);

This is not the best way to do it, but rather than rewrite the whole code, I
thought there might be a way to destroy the session.  I've tried destroying
the  connection and setting hostname etc to " "  , but every time I log back
on to protected pages, I am admitted.

Are there any methods that might work with this setup?
> ?>
>  <?  
> 
>   //allow reentry without re-authentication
> 
>   $con = mysql_connect($hostname, $user, $password);
> 
>       if ($con==NULL)
>       {  
>               echo("301 Couldn't connect to MySQL\n\n");
>   exit(-1);  
>       }  
> 
>       $db = mysql_select_db($g_databasename,$con);
> 
>       $sql=sprintf("select userid from sessions where
> ipaddress=\"$REMOTE_ADDR\"",$con);
>       $res=mysql_query($sql,$con);
> 
>       if (mysql_num_rows($res)!=0)
>   {  
>       echo("<html><head><META HTTP-EQUIV=\"refresh\"
> CONTENT=\"0;url=photo.php\"></head></html>");
>   }  
>   else  
>   {  
> }
>       
~~~~~~~~~~~~
Jefferis Peterson, Pres.
Web Design and Marketing
http://www.PetersonSales.net
Tel .  xxx-xxx-xxxx

ICQ 19112253