Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New to the CF scene
    Join Date
    Dec 2005
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    ending a session

    I've been attempting to write a "Logout" link that goes to logout.php.


    On the main page, up top, I have:

    ------------------------------------------------------------------------------
    <?php
    session_start();
    header("Cache-control: private");

    ?>

    --------------------------------------------------------------------------------

    the registered session variables, if I am understanding this correctly, is:

    $_SESSION['user']
    $_SESSION['pass']




    My logout.php page has this:
    -----------------------------------------------------------------------------------------------------
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <title>logout</title>
    <meta http-equiv="Refresh" content="2;URL=test-webusage.php" />
    </head>

    <body>
    <?php
    unset($_SESSION['user']); ?>
    </body>
    </html>
    -----------------------------------------------------------------------------------------------------


    But so far it does not end the session, because I can still click the back button and find myself logged in. Also, on the logout.php page I made it redirect to the main search page, and if there is no session, it redirects to the login page.

    HAve I missed something?

  • #2
    New Coder
    Join Date
    Nov 2005
    Location
    Louisville, Kentucky
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts
    session_destroy();

    I'm not sure if this will do anything (im a newbie at PHP) but maybe you should put unset(); at the top eg;

    <?
    unset($_SESSION['user']);
    ?>
    <html>
    .......
    What was I thinking?
    Email Me

  • #3
    New to the CF scene
    Join Date
    Dec 2005
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I tried that and it seems to end the session, as long as I do not click the back button - which is the point of the session_destroy() I thought.

    So this is what I changed logout.php to:

    <?php
    session_start();
    unset($_SESSION['user']);
    session_destroy();

    ?>

    However, I can click the back button and it logs me back in.
    Any ideas how to stop that?
    Last edited by netfrugal; 12-30-2005 at 10:56 PM.

  • #4
    Senior Coder JamieR's Avatar
    Join Date
    Oct 2004
    Location
    United Kingdom
    Posts
    3,161
    Thanks
    0
    Thanked 5 Times in 5 Posts
    Basically when you're sending headers, there has to be no characters or whitespace before the line where the headers are being sent. To overcome this problem, use output buffering in the shape of ob_start() and ob_end_flush() right at the top and bottom of your code.

  • #5
    New Coder
    Join Date
    Nov 2005
    Location
    Louisville, Kentucky
    Posts
    94
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Sessions

    you could create a session variable, for instance, in your index.php file, you create this var: (let us say that your index.php page is your login page)
    PHP Code:
    <?php
    $_SESSION
    ["check_user"] == "1";
    ?>
    On your other pages, you paste this code at the top of your page
    PHP Code:
    <?php
    if ( ! isset ( $_SESSION["check_user"] ) ) {
       
    header "Location: index.php" );
    }
    ?>
    Since in your logout.php page, you destoryed the session and unset the variable, it will redirect you to the index.php page, or what ever page you wish to use as your login.
    PS.
    Im a newbie at PHP as well, so im not exactly sure if this will work.
    What was I thinking?
    Email Me


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •