PHP MySQL novice to ninja 6th edition – Sessions-Logout

The code of the project in the commit Sessions-Logout ( has a bug, because the logout functionality doesn’t work correctly – it is still possible to edit / add / delete the jokes after logging out?

Can anybody explain where is the bug.


How does it not work? What was the expected behaviour and what do you see instead? Any error message or other relevant log messages etc?

I am eventually going to be compelled to buy this book just to be able to answer questions about it, but i’m fairly sure the answer to

is ‘true, but this isnt the final form of the code either, so… keep reading’?

After logging out it is still possible to edit, add and delete jokes

What does your Controllers/Login.php file look like?

1 Like

@Mittineague (I assume, without the book, that) it’s more that the lesson is about logging people out, not securing the other pages against non-logged-in people. There are no controls (at this point in the book) on add/edit/delete jokes to ensure a user is logged in.

It’s a logical concern, but not the point of the lesson. I assume that @TomB goes on from this lesson to explain what you should DO when someone is not logged in and attempts to access the functions that only logged in people are meant to access.

I’ll also be honest and trying to find anything in this design paradigm is confusing me to the ends of the earth and very difficult to follow the flow, so perhaps i’m mistaken.

Mittineague, thank you very much!

as Mittineague says, this was fixed in the code in the book, and in the the code, unfortunately it wasn’t applied to all the relevant branches.

If you’re browsing the forums there’s an advert to get it for free, so you should just be able to enter your email and get a copy :slight_smile: I’m not sure if I’m seeing that advert because my account is flagged as an author though.


I see that from time to time, though I seem to recall when I tried it, it rejected my email for some reason. If it pops up again, I’ll try it and provide more detail somewhere if it fails.


A post was split to a new topic: Problems with log-in screen

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.