SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Thread: How to log out

  1. #1
    SitePoint Guru
    Join Date
    Aug 2004
    Location
    Canada
    Posts
    730
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How to log out

    I'm trying to figure out how to Log out. I got the example from http://ca3.php.net/manual/en/function.session_destroy:
    PHP Code:
    <?php
    // Initialize the session.
    // If you are using session_name("something"), don't forget it now!
    session_start();

    // Unset all of the session variables.
    $_SESSION = array();

    // If it's desired to kill the session, also delete the session cookie.
    // Note: This will destroy the session, and not just the session data!
    if (ini_get("session.use_cookies")) {
        
    $params session_get_cookie_params();
        
    setcookie(session_name(), ''time() - 42000,
            
    $params["path"], $params["domain"],
            
    $params["secure"], $params["httponly"]
        );
    }

    // Finally, destroy the session.
    session_destroy();
    /*
    session_start();
    include("dbconnection.php");
    $past = time() - 100;
    //this makes the time in the past to destroy the cookie
    setcookie("ID_my_site", "gone", $past);
    setcookie("Key_my_site", "gone", $past);
    setcookie("Admin_my_site", "gone", $past);
    */
    header("Location: ../index.php");
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Logout</title>
    </head>

    <body>
    <?php

    ?>
     
    </body>
    </html>
    It's not logging out.
    Compare bible texts (and other tools):
    TheWheelofGod

  2. #2
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Check your cookies. Does the name/value of the cookie look the same before, and after the logout page?

  3. #3
    SitePoint Guru
    Join Date
    Aug 2004
    Location
    Canada
    Posts
    730
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by crmalibu View Post
    Check your cookies. Does the name/value of the cookie look the same before, and after the logout page?
    How do I check my cookies? I'm new in this.
    Quote Originally Posted by Fou-Lu View Post
    Thats looks alright; how are you determining that the session is being retained?
    This is my login script before the html tags in the twotext/index.php:
    PHP Code:
    session_start();
    include(
    "dbconnection.php");
    //say goodbye to magic_quotes_gpc! no false security.
    /*
    $errors = array();

    if($_SERVER['REQUEST_METHOD'] == "POST"){
        if(empty($_POST['username'])){
            $errors[] = "username was empty";
        }
        if(empty($_POST['password'])){
            $errors[] = "password was empty";
        }
        if(empty($_POST['email'])){
            $errors[] = "e-mail was empty";
        }
        if(count($errors) == 0){*/
            //fix magic_quotes_gpc() being on
            
    if(get_magic_quotes_gpc()){
                foreach(
    $_GET as $k => $v){
                    
    $_GET[$k] = stripslashes($v);
                }
                foreach(
    $_POST as $k => $v){
                    
    $_POST[$k] = stripslashes($v);
                }
                foreach(
    $_COOKIE as $k => $v){
                    
    $_COOKIE[$k] = stripslashes($v);
                }
            }
        
    //Checks if there is a login cookie
        
    if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page
            
    $myusername $_COOKIE['ID_my_site'];
            
    $pass $_COOKIE['Key_my_site'];
            
    $admin $_COOKIE['Admin_my_site'];
            
    $user $_COOKIE['User_my_site'];    
            
    $sql "SELECT * FROM ";
            if(
    $admin=="yes"){
                
    $sql .= $dbTable2;
            }else{
                
    $sql .= $dbTable;
            }
            
    $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'";
            
    $check mysql_query($sql)or die(mysql_error());
            while(
    $info mysql_fetch_array$check )){
                if(
    $pass == $info['password']){
                    
    $writeusername "Welcome ".$myusername."! <br />Visit your <a href=\"login/member.php\">member's stat</a> <br /><a href=\"login/logout.php\">Logout</a>";
                }
            }
        }
        
    //variable to keep track of whether to show the user the login form or not
        
    $showlogin true//we show the form by default, -unless- we know they have logged in
          
        //if the login form is submitted
        
    if (isset($_POST['submit'])){ // if form has been submitted
            
    if(!$_POST['username'] || !$_POST['pass']) {// makes sure they filled it in
                
    $writeemptyfield "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">You did not fill in a required field.</td></tr>";
            }
    // checks it against the database
            
    $_POST['email'] = mysql_real_escape_string($_POST['email']);
            
    $db['username'] = mysql_real_escape_string($_POST['username']);
            
    $sql "SELECT * FROM ";
            if(
    $admin=="yes"){
                
    $sql .= $dbTable2;
            }else{
                
    $sql .= $dbTable;
            }
            
    $sql .= " WHERE username = '".$db['username']."'";
            
    $check mysql_query($sql) or die(mysql_error());
            
    //Gives error if user dosen't exist
            
    $check2 mysql_num_rows($check);
            if (
    $check2 == 0) {
                
    $writeusernoexist "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">That user does not exist in our database.</td></tr>";
            }
            while(
    $info mysql_fetch_array$check )){
                
    $_POST['pass'] = md5($_POST['pass']);
                
    //gives error if the password is wrong
                
    if ($_POST['pass'] != $info['password']){
                    
    $writewrongpassword "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">Incorrect password, please try again.</td></tr>";
                }else{
                    
    // if login is ok then we add a cookie
                    
    $hour time() + 3600;
                    
    setcookie("ID_my_site"$_POST['username'], $hour);
                    
    setcookie("Key_my_site"$_POST['pass'], $hour);
        
                
    //they are logged in. no need to show the login form
                
    $showlogin false;
                  
                  if(
    $_POST["admin"]=="yes"){
                      
    setcookie("Admin_my_site"$_POST['admin'], $hour);
                  }else{
                      
    setcookie("User_my_site"$_POST['admin'], $hour);
                  }
                  
    header("Location: ../index.php");
              }
          }
        }
    /*  }
    }*/

    $_SESSION['logged_in'] = 1
    The login form is as an include file within the html tags:
    PHP Code:
    <?php include("dbconnection.php"); ?>
    <div style="float: left; width: 100%; margin: 0px 0px 0px 0px; background-color: #7C7C7C; border: 1px solid #A5A498; border-width: 1px 1px 0px 1px;">
        <span style="float: left; padding: 2px 10px 0px 12px; color: #FFFFFF; font-family: arial; font-weight:bold; font-size: 13px;">Login</span>
    </div>
    <div style="float: left; width: 100%; height: 150px; background-color: #B4B3A9; border: 1px solid #A5A498; margin: 0px 0px 0px 0px; overflow-x: hidden; overflow-y: auto;">

    <?php if(isset($_COOKIE['ID_my_site'])){ ?>
    <span style="float: left; text-align: left; padding: 5px 5px 5px 5px;">
      Welcome <span id="myusername"><?php echo $myusername?> </span>!<br />
      Visit your <a style="text-decoration: none;" href="login/member.php" onmouseover="this.style.textDecoration='underline';" onmouseout="this.style.textDecoration='none';" >member's stat</a><br />
      <a style="text-decoration: none;" href="login/logout.php" onmouseover="this.style.textDecoration='underline';" onmouseout="this.style.textDecoration='none';" >Logout</a>
    </span>
    <?php }else { ?>
    <table border="0">
            <tr>
                <td>Administrator:</td><td><input type="checkbox" id="adminid" name="admin" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C;" value="no" onClick="if(this.value=='no'){this.value='yes'; document.getElementById('register').style.display = 'none';} else{this.value='no';document.getElementById('register').style.display = 'block';};" /></td>
           </tr>
    <?php echo $writeemptyfield?>
    <?php 
    echo $writeusernoexist?>
            <tr>
                <td>Username:</td>
                <td><input type="text" name="username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /></td>
           </tr>
    <?php echo $writewrongpassword?>        
            <tr>
                <td>Password:</td><td><input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" name="pass" id="pass" /></td></tr>
            <tr>
                <td><a id="register" href="login/register.php" style="float: left; display: block; background-color: #7C7C7C; text-align: left; padding: 0px 0px 0px 5px; width: 80px; height: 20px; text-decoration: none; color: #ffffff; border: 1px solid #7C7C7C; font-weight: bold;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'">Register</a></td><td align="right"><input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Login" /></td>
            </tr>
        </table> 
    <?php
    }
    ?>
    </div>
    And the logout is a completely different page but redirects to the twotexts/index.php page. But it's not logging out.
    Compare bible texts (and other tools):
    TheWheelofGod

  4. #4
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Depends on the browser. You can use google to find out. For example, "view cookies firefox".

    Anyway, your problem looks like you have other cookies you need to clear. It don't know how you decide whether or not someone is logged in across the different scripts you have(looks like you use some combination of individual cookies and a session), but whatever criteria you use, you need to work on it. Maybe that means unsetting all cookies. I see you use $_COOKIE['ID_my_site'] in one place, so that's definitely a cookie that needs to be removed.

    Consider finding some tutorials for this. It looks like what you've built so far is getting very unorganized and complicated.

  5. #5
    SitePoint Guru
    Join Date
    Aug 2004
    Location
    Canada
    Posts
    730
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by crmalibu View Post
    Depends on the browser. You can use google to find out. For example, "view cookies firefox".

    Anyway, your problem looks like you have other cookies you need to clear. It don't know how you decide whether or not someone is logged in across the different scripts you have(looks like you use some combination of individual cookies and a session), but whatever criteria you use, you need to work on it. Maybe that means unsetting all cookies. I see you use $_COOKIE['ID_my_site'] in one place, so that's definitely a cookie that needs to be removed.

    Consider finding some tutorials for this. It looks like what you've built so far is getting very unorganized and complicated.
    I used 3 php files: login.php, logout.php and index.php.

    I think the checking the $_POST[] should be in the login.php. But then I'm guessing that the index.php page needs to read cookies which the login.php has set right?
    PHP Code:
    <?php
    # index.php
    session_start();
    $logged_in = isset($_SESSION['logged_in']);
    include(
    "../dbconnection.php");
    //say goodbye to magic_quotes_gpc! no false security.

    $errors = array();

    if(
    $_SERVER['REQUEST_METHOD'] == "POST"){
        if(empty(
    $_POST['username'])){
            
    $errors[] = "username was empty";
        }
        if(empty(
    $_POST['password'])){
            
    $errors[] = "password was empty";
        }
        if(empty(
    $_POST['email'])){
            
    $errors[] = "e-mail was empty";
        }
        if(
    count($errors) == 0){
            
    //fix magic_quotes_gpc() being on
            
    if(get_magic_quotes_gpc()){
                foreach(
    $_GET as $k => $v){
                    
    $_GET[$k] = stripslashes($v);
                }
                foreach(
    $_POST as $k => $v){
                    
    $_POST[$k] = stripslashes($v);
                }
                foreach(
    $_COOKIE as $k => $v){
                    
    $_COOKIE[$k] = stripslashes($v);
                }
            }
            
    //Checks if there is a login cookie
            
    if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page
            
    $myusername $_COOKIE['ID_my_site'];
            
    $pass $_COOKIE['Key_my_site'];
            
    $admin $_COOKIE['Admin_my_site'];
            
    $user $_COOKIE['User_my_site'];    
            
    $sql "SELECT * FROM ";
            if(
    $admin=="yes"){
                
    $sql .= $dbTable2;
            }else{
                
    $sql .= $dbTable;
            }
            
    $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'";
            
    $check mysql_query($sql)or die(mysql_error());
            while(
    $info mysql_fetch_array$check )){
                if(
    $pass == $info['password']){
                    
    $writeusername "Welcome ".$myusername."! <br />Visit your <a href=\"member.php\">member's stat</a> <br /><a href=\"login/logout.php\">Logout</a>";
                }
            }
        }
        
    //variable to keep track of whether to show the user the login form or not
        
    $showlogin true//we show the form by default, -unless- we know they have logged in

        //if the login form is submitted
        
    if (isset($_POST['submit'])){ // if form has been submitted
            
    if(!$_POST['username'] || !$_POST['pass']) {// makes sure they filled it in
                
    $writeemptyfield "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">You did not fill in a required field.</td></tr>";
            }
    // checks it against the database
            
    $_POST['email'] = mysql_real_escape_string($_POST['email']);
            
    $db['username'] = mysql_real_escape_string($_POST['username']);
            
    $sql "SELECT * FROM ";
            if(
    $admin=="yes"){
                
    $sql .= $dbTable2;
            }else{
                
    $sql .= $dbTable;
            }
            
    $sql .= " WHERE username = '".$db['username']."'";
            
    $check mysql_query($sql) or die(mysql_error());
            
    //Gives error if user dosen't exist
            
    $check2 mysql_num_rows($check);
            if (
    $check2 == 0) {
                
    $writeusernoexist "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">That user does not exist in our database.</td></tr>";
            }
            while(
    $info mysql_fetch_array$check )){
                
    $_POST['pass'] = md5($_POST['pass']);
                    
    //gives error if the password is wrong
                    
    if ($_POST['pass'] != $info['password']){
                        
    $writewrongpassword "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">Incorrect password, please try again.</td></tr>";
                    }else{
                        
    // if login is ok then we add a cookie
                        
    $hour time() + 3600;
                        
    setcookie("ID_my_site"$_POST['username'], $hour);
                        
    setcookie("Key_my_site"$_POST['pass'], $hour);
                        
                        
    //they are logged in. no need to show the login form
                        
    $showlogin false;
                        if(
    $_POST["admin"]=="yes"){
                            
    setcookie("Admin_my_site"$_POST['admin'], $hour);
                        }else{
                            
    setcookie("User_my_site"$_POST['admin'], $hour);
                        }
                        
    header("Location: login.php");
                    }
                }
            }
        }
    }

    //$_SESSION['logged_in'] = 1;    
    ?>

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Login</title>
    </head>

    <body>
    <?php if ($logged_in): ?>
    <form action="<?php echo "logout.php";//$_SERVER['PHP_SELF'];?>" method="POST">
    <span style="float: left; text-align: left; padding: 5px 5px 5px 5px;">
      Welcome <span id="myusername"><?php echo $myusername?> </span>!<br />
      Visit your <a style="text-decoration: none;" href="member.php" onmouseover="this.style.textDecoration='underline';" onmouseout="this.style.textDecoration='none';" >member's stat</a><br />
      <input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Logout" />
    </span>
    </form>

    <?php else: ?>

    <form action="<?php echo "login.php";//$_SERVER['PHP_SELF'];?>" method="POST">
    <table border="0">
            <tr>
                <td>Administrator:</td><td><input type="checkbox" id="adminid" name="admin" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C;" value="no" onClick="if(this.value=='no'){this.value='yes'; document.getElementById('register').style.display = 'none';} else{this.value='no';document.getElementById('register').style.display = 'block';};" /></td>
           </tr>
    <?php echo $writeemptyfield?>
    <?php 
    echo $writeusernoexist?>
            <tr>
                <td>Username:</td>
                <td><input type="text" name="username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /></td>
           </tr>
    <?php echo $writewrongpassword?>        
            <tr>
                <td>Password:</td><td><input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" name="pass" id="pass" /></td></tr>
            <tr>
                <td><a id="register" href="login/register.php" style="float: left; display: block; background-color: #7C7C7C; text-align: left; padding: 0px 0px 0px 5px; width: 80px; height: 20px; text-decoration: none; color: #ffffff; border: 1px solid #7C7C7C; font-weight: bold;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'">Register</a></td><td align="right"><input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Login" /></td>
            </tr>
        </table>
    </form>
    <?php endif; ?> 
    </body>
    </html>
    PHP Code:
    <?php
        
    # login.php
        
    if ($_SERVER['REQUEST_METHOD'] == 'POST'){
        
    session_start();
        
    $_SESSION['logged_in'] = true;
        
    header('HTTP/1.1 303 See Other');
    }
    header('Location: index.php');
    ?>
    PHP Code:
    <?php
        
    # logout.php
    if ($_SERVER['REQUEST_METHOD'] == 'POST'){
        
    session_start();
        
    session_destroy();
        
    header('HTTP/1.1 303 See Other');
    }
    header('Location: index.php');
    ?>
    Compare bible texts (and other tools):
    TheWheelofGod


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •