Andy17 Posted June 2, 2009 Share Posted June 2, 2009 Hey guys, I have coded a login system and am therefore making a logout system (obviously). It works and when you logout, a session is set to 0 to show that you are not logged in anymore. However, if the user is on a page that requires him/her to be logged in, he/she will still be able to see the content before he/she either refreshes or navigates away. I do know a few ways to fix this, but it would be a little tricky. I therefore thought of adding the login protected pages to an array, like this (just an example): <?php $loginpage_array[0] = "myorders.php"; $loginpage_array[1] = "profile.php"; $loginpage_array[2] = "settings.php"; $loginpage_array[3] = "submit.php"; ?> I would therefore need a script to check if the current page is the same as one of the pages in the array. I have the following function to get the current page: <?php function currentpage() { return substr($_SERVER["SCRIPT_NAME"],strrpos($_SERVER["SCRIPT_NAME"],"/")+1); } ?> So now I just need to somehow check if the current page name is in that array that I have made. I realize that there are several ways to do this, but my other ideas are too "tricky" and would require me to edit each login protected page. If you, however, have a better idea to do this, please let me know. Thank you in advance! Quote Link to comment Share on other sites More sharing options...
Andy-H Posted June 2, 2009 Share Posted June 2, 2009 http://php.net/in_array I think you would be better simply destroying the session using session_destroy(); and adding if ( !isSet($_SESSION['sess_name']) ) { Header("Location: index.php"); } To the > TOP OF < protected pages..? Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 2, 2009 Author Share Posted June 2, 2009 Thank you for your reply. The thing is that it only works by clicking the logout button twice. I remember having this problem before, but I never solved it in a satisfying way (one that wasn't very complicated). This is what I have: <?php // Logout form echo '<form name="logout" method="post"><input type="submit" value="Log out" name="logoutbutton" /></form>'; // If the logout button is pressed, then destroy the session if (isset($_POST['logoutbutton'])) { session_destroy(); } if ($_SESSION['logstatus'] != 1) { header('Location: /'); } ?> For some reason, using !isset did not work. Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 3, 2009 Author Share Posted June 3, 2009 bump (page 3 is not cool!) Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 4, 2009 Author Share Posted June 4, 2009 Bump. Sorry, no one reads page 6! Quote Link to comment Share on other sites More sharing options...
ldougherty Posted June 4, 2009 Share Posted June 4, 2009 You do not need the two IF statements and the isset option, try the code below. <?php // Logout form echo '<form name="logout" method="post"><input type="submit" value="Log out" name="logoutbutton" /></form>'; // If the logout button is pressed, then destroy the session if ($_POST['logoutbutton']) { session_destroy(); header('Location: /'); } ?> Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 5, 2009 Author Share Posted June 5, 2009 Doh, I cannot believe I didn't crack that one! That worked, thanks for your help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.