Hey guys,
I’m currently working on a piece of code that can log a current logged in user out, destroying the session as well as deleting the cookies, the rerouting the user back to the original index.html file.
Can anyone tell me if this code is correct? When i click the logout link in success.php it logs me out (i think), but I want to make sure I’m addressing any problems.
Here is the logout.php file
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
header('location:'.urldecode($_GET['redirect']));
session_destroy();
?>
And here is the success.php that the user is routed to when the successfully register.
<?php
session_start();
$userStatus = false;
if ( isset($_SESSION['username']) && isset($_SESSION['password']) ) {
$userStatus = true;
}
?>
<h2>THANK YOU FOR SUCCESSFULLY REGISTERING</h2>
<?php
?>
<h1><a href="logout.php?redirect=<?=urlencode('index.html')?>">LOGOUT</a></h1>