Search the Community

Hi guys, I'm creating a login system and there is one small bug that I am trying to iron out, so any input is appreciated Once I log out as a user, I get redirected to my login page like: http://localhost:8888/login-form/login.php?status=loggedout Now that I am logged out, if I try to "bypass" the login page and go straight to the index.php page (without logging in this time), I can still access the "secure" page (..not that secure:), and I get the following message: Notice: Undefined index: status in /Applications/MAMP/htdocs/login-form/classes/membership.php on line 32 Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/login-form/classes/membership.php:32) in /Applications/MAMP/htdocs/login-form/classes/membership.php on line 33 You are Logged In User!!!! Log Out ---- This is the code in membership.php (please see towards the end I have marked the link 32 where I get the notice & warning message) require 'mysql.php'; class Membership{ function validate_user($un, $pwd){ $mysql = New Mysql(); $ensure_credentials = $mysql->verify_Username_and_Pass($un, md5($pwd)); // if credentials returns true, log in to index page if($ensure_credentials) { $_SESSION['status'] ='authorized'; header("location: index.php"); return true; } else return "Please enter a correct username and password"; } function log_User_Out() { if(isset($_SESSION['status'])){ unset($_SESSION['status']); if(isset($_COOKIE[session_name('Mylogin')])){ setcookie(session_name('Mylogin'), '', time() - 1000); session_destroy(); } } } function confirm_Member(){ // This is Line 32 where I am Getting the Notice Error session_start(); if($_SESSION['status'] !='authorized') { header("location: login.php"); //////////////// I think that this is the issue, instead this should be returning "True", but what is the syntax? } } } The code in my login.php page is: <?php ob_start(); session_start(); require_once 'classes/membership.php'; $membership = new Membership(); //if clicked on log out link on index page if(isset($_GET['status']) && $_GET['status'] == 'loggedout'){ $membership->log_User_Out(); } //validate user if($_POST && !empty($_POST['username']) && !empty($_POST['pwd'])){ $response = $membership->validate_user($_POST['username'], $_POST['pwd']); } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=uft-8" /> <title>Login</title> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> </head> <body> <script type="text/javascript"> $(function(){ $('h4.alert').hide().fadeIn(700); $('<span class="exit"> X</span>').appendTo('h4.alert'); $('span.exit').click(function(){ $(this).parent('h4.alert').fadeOut('slow'); }); }); </script> <div id="login"> <form method="post" action=""> <h2>Login <small>enter your credentials</small></h2> <p> <label for="name">Username: </label> <input type="text" name="username" /> </p> <p> <label for="pwd">Password: </label> <input type="password" name="pwd" /> </p> <p><input type="submit" id="submit" value="login" name="submit" /></p> </form> <?php if (isset($response)) echo "<h4 class='alert'>".$response."</h4> "; ?> </div> </body> </html> Any advise please? Thanks, Michel