DeanWhitehouse Posted April 22, 2008 Share Posted April 22, 2008 i think its the right title, anyhow how can i make a login code so the link is like <a href="whateverpageon?logout">Logout</a> instead of my <a href="logout.php">Logout</a> basically ,so that when they logout they are kept on the same page Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 22, 2008 Share Posted April 22, 2008 In your top include file (or at the top of every page) do an isset check for that get variable. If it exists, run a session_destroy() Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 22, 2008 Author Share Posted April 22, 2008 how do i do the issest check as i only no how to do it for $_POST i no if (isset($_POST['login'])){ but how can i make it work for me Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 22, 2008 Share Posted April 22, 2008 with get variables if (isset($_GET['logout'])){ Quote Link to comment Share on other sites More sharing options...
jonsjava Posted April 22, 2008 Share Posted April 22, 2008 Each page <?php if (isset($_GET['logout'])){ session_destroy(); } for logout: <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true"> Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 23, 2008 Author Share Posted April 23, 2008 i am having another problem now, i am using this code if (isset($_GET['logout'])) { session_unset(); session_destroy(); setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); } with this <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> but now when i have been logged out, the page displays a login form but it doesn't work. i get this address when i log out http://deanwhitehouse.awardspace.co.uk/test/main_forum.php?logout=true but if i delete the logout=true bit , i can login ,but not if its theres Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 23, 2008 Share Posted April 23, 2008 This problem might be unrelated but you're using the session variables after you've destroyed them. if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_destroy(); } Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 23, 2008 Share Posted April 23, 2008 You need to specify a login path, because other wise as soon as you login it will log you back out because the get variable still exists. Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 23, 2008 Author Share Posted April 23, 2008 well this is my whole code, <?php if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true){ if ($_SESSION['user_level'] == 2){ ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } if ($_SESSION['user_level'] == 1){ ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false){ if (isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> as you can see it has the login form intergrated Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 23, 2008 Share Posted April 23, 2008 Right but as you can see in your <form> tag you're using $_SERVER['PHP_SELF'] which contains the logout $_GET variable. You need to change that so the it won't automatically log you out right after you login. Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 23, 2008 Author Share Posted April 23, 2008 ok, so what do i need to change it to. because i want it to log them in on the same page there on Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 23, 2008 Author Share Posted April 23, 2008 can this work, or do i need to redirect them Quote Link to comment Share on other sites More sharing options...
DarkWater Posted April 23, 2008 Share Posted April 23, 2008 Make a page named logout_inc.php and have the code to destroy the session in it, and put this line on top every page OR a header which you include in every page (which is generally a good idea): <?php if (isset($_GET['logout'])) { include ('logout_inc.php'); } ?> Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 23, 2008 Share Posted April 23, 2008 Try this, I removed the get var from the <form> tag: <?php if (isset($_GET['logout'])) { setcookie("cookname", $_SESSION['username'], time() - 3600, "/"); setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/"); session_unset(); session_destroy(); } if ($_SESSION['is_valid'] == true){ if ($_SESSION['user_level'] == 2){ ?> <table class='logged_in'><tr><td> <p>Welcome, <br><?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } if ($_SESSION['user_level'] == 1){ ?> <table class='logged_in'><tr><td> <p>Welcome, <?php echo $_SESSION['username']; ?> <br><a href='user_profile.php?id=<?php echo $_SESSION['user_id']; ?>'>User Profile</a><br> <a href='user_setting.php'>Settings</a><br> <a href='admin_centre.php'>Admin Area</a><br> <a href="<?php print $_SERVER["PHP_SELF"]; ?>?logout=true">Logout</a><br /> </td></tr><tr><td>Logged In</td></tr></table></p> <?php } } else { require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false){ if (isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['user_id'] = $row['user_id']; header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/"); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); ?> <html> <table bgcolor='#999999' align='right'><form action="<?php echo $server ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 23, 2008 Author Share Posted April 23, 2008 ok, works now thanks, i dunno what you changed as i can't see where but thanks Quote Link to comment Share on other sites More sharing options...
p2grace Posted April 23, 2008 Share Posted April 23, 2008 I added this line right before the login form $server = str_replace("?logout=true","",$_SERVER['PHP_SELF']); DarkWater is right though, to clean up this code you really should be using includes. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.