Andy17 Posted June 8, 2009 Share Posted June 8, 2009 Hey guys, I have coded a login/logout script, but now that I have added a remember system (by setting cookies), I cannot logout anymore. Here is the relevant code: <?php // Function checking if the information is correct here (called logcheck())! // If the cookies are set (the login information is remembered using cookies), then set variables and run login check if (isset($_COOKIE['cookie1']) && isset($_COOKIE['cookie2'])) { // Check if the user has logged out here. If yes, don't run the code below. $email = $_COOKIE['cookie1']; $password = $_COOKIE['cookie2']; logcheck($email, $password); } // If the logout button is pressed, then destroy the session & redirect if ($_POST['logoutbutton']) { session_destroy(); header('Location: /'); } ?> The problem is that when I try to logout, the cookies are obviously still set and therefore the first if statement will be true. This means that it will run the logcheck function again and login (so I am unable to logout!). So I guess I somehow need to set a value when logging out that I can access on all pages to check if the user has logged out, because then it should not run the login check again. Check my comment in the code above. I have tried using a hidden field, but I couldn't quite make it work. My idea was that I set the value of that field to 1 and check if it's 1 before running the login check function. I hope you understand my problem. Thanks! Quote Link to comment Share on other sites More sharing options...
JasonLewis Posted June 8, 2009 Share Posted June 8, 2009 Check to see if the logout button is pushed first, then in an else run the other if statement. You need to use setcookie() and set the cookie to a date in the past to delete it. Quote Link to comment Share on other sites More sharing options...
gevans Posted June 8, 2009 Share Posted June 8, 2009 try this // If the logout button is pressed, then destroy the session & redirect if ($_POST['logoutbutton']) { setcookie ("cookie1", "", time() - 3600); setcookie ("cookie2", "", time() - 3600); session_destroy(); header('Location: /'); } Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 8, 2009 Author Share Posted June 8, 2009 Sorry for not making myself perfectly clear, guys. I don't want to delete the cookies. I am determining whether a user is logged in or not by using a session ($_SESSION['logstatus']). The cookies are used for automatic login on each visit, but I am only able to login if I comment out the first if statement (I wrote the reason in my first post). So I just want to determine if the user has logged out before running the logcheck() in my first if statement - because if the user has just logged out, it shouldn't log him/her back in! I hope that makes more sense. Thanks for the replies! Quote Link to comment Share on other sites More sharing options...
gevans Posted June 8, 2009 Share Posted June 8, 2009 swap the if statmenets around!? <?php // If the logout button is pressed, then destroy the session & redirect if ($_POST['logoutbutton']) { session_destroy(); header('Location: /'); } // Function checking if the information is correct here (called logcheck())! // If the cookies are set (the login information is remembered using cookies), then set variables and run login check if (isset($_COOKIE['cookie1']) && isset($_COOKIE['cookie2'])) { // Check if the user has logged out here. If yes, don't run the code below. $email = $_COOKIE['cookie1']; $password = $_COOKIE['cookie2']; logcheck($email, $password); } ?> Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 8, 2009 Author Share Posted June 8, 2009 They were actually placed like that already because of me using require, but it makes no difference. This if statement would always be true whether it's first or not (because the cookies are set)? <?php // If the cookies are set (the login information is remembered using cookies), then set variables and run login check if (isset($_COOKIE['cookie1']) && isset($_COOKIE['cookie2'])) { // Check if the user has pressed the logout button here. If yes, don't run the code below. $email = $_COOKIE['cookie1']; $password = $_COOKIE['cookie2']; logcheck($email, $password); } ?> As far as I understand, that if statement will be run again when redirecting, which makes the user log in once again (because the cookies are set!). That's why I don't want to run that code if the user has clicked on the log out button! Sorry, right now I'm just totally lost on this one. I just need to set a value when the log out button is pressed and to check if that value is 1 within the above if statement. If it is 1, then it should not set those variables nor run the logcheck() function. That's what I tried to do by using a hidden field - storing the number 1 in that field when pressing the log out button and then checking if that value was 1 in the above if statement. It just didn't really work out for me. Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 8, 2009 Author Share Posted June 8, 2009 Bring it up. Quote Link to comment Share on other sites More sharing options...
gevans Posted June 8, 2009 Share Posted June 8, 2009 If someone's logging out, there is no need to remember them, I'd just wipe the cookies. I've never used a system with a remember me function that 'remembers me' after Ive logged out. Quote Link to comment Share on other sites More sharing options...
Andy17 Posted June 8, 2009 Author Share Posted June 8, 2009 ok I have just decided to let it "forget people" when logging out. It appears that everything is working as intended now. I guess the users should have the opportunity of "being forgotten" without manually deleting the cookies anyways. Thank you for your help, gevans, I appreciate it! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.