Jump to content


Photo

Sessions, Is this will work correctly?


  • Please log in to reply
8 replies to this topic

#1 apol

apol
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 11 October 2006 - 10:15 AM

1. User submit a from with his "userName" and his "password".
2. "sign_in_check.php" checks if user exist in the data base and if exist then set : $_SESSION['userPass']="go";
3. When user want to sign out the sign_out.php file executed when user click on sign_out link, follows the sign_out.php:

<?php
    session_start();
    $_SESSION[]=array();

    if (isset($_COOKIE[session_name()])) {
              setcookie(session_name(), '', 0, '/');
    }
    session_unset();
    session_destroy();
    header("Location: http://localhost/pro...gn_in_form.php");
    exit();
?>


Is this logic will work ? Because when i am sign_in in my system with a valid userName & passwd and after i sign_out from the system if i press 2 times Back button in the IE browser it creates  the session again and displayes me the system index page again.

I am using to send form fields the $_GET variable and wamp5. Does anyone have any idea?

thanks

#2 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 11 October 2006 - 10:19 AM

As I understand you need to make a log out function, correct? you don't need to check if(isset), just wrtite something like this and it will delete the last session:

<?php
session_start();
session_destroy();
header("Location: http://localhost/project/forms/display/sign_in_form.php");
?>

I don't need your script, I'll try to write it myself

#3 apol

apol
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 11 October 2006 - 10:25 AM

As I understand you need to make a log out function, correct? you don't need to check if(isset), just wrtite something like this and it will delete the last session:

<?php
session_start();
session_destroy();
header("Location: http://localhost/project/forms/display/sign_in_form.php");
?>


I did it but the problem remains. I checked the session it has deleted when i press sig_out link but when i press 2 times browsers (IE) Back button it creates the session again...I can't understand why this is happening.

#4 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 11 October 2006 - 10:29 AM

Can I see the code of that page which sets the session again?
I don't need your script, I'll try to write it myself

#5 apol

apol
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 11 October 2006 - 10:35 AM

Can I see the code of that page which sets the session again?


Sorry this is the page...:


<?php
session_start();
if($_SESSION['adminPass']!="go"){
/*
if (isset($_COOKIE[session_name()])) {
  setcookie(session_name(), '', 0, '/');
}
session_destroy();
*/
header("Location: http://localhost/pro...gn_in_form.php");
exit();
}
?>


some html followes

thanks

#6 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 11 October 2006 - 10:48 AM

ok, try to check if the session is set, something like this:
<?php 
session_start();
if(isset($_SESSION['userPass'])){
?>

...some code..

<?php
}
else{
header ('Location: index.php'); // check if session is not set redirect to login page
}
?>
</body>
</html>

I don't need your script, I'll try to write it myself

#7 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 11 October 2006 - 10:56 AM

Did you try my example?
I don't need your script, I'll try to write it myself

#8 apol

apol
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 11 October 2006 - 11:00 AM

ok, try to check if the session is set, something like this:

<?php 
session_start();
if(isset($_SESSION['userPass'])){
?>

...some code..

<?php
}
else{
header ('Location: index.php'); // check if session is not set redirect to login page
}
?>
</body>
</html>





I changed it to that :

<?php
session_start();
if(isset($_SESSION['adminPass'])&&$_SESSION['adminPass']!='go'){
header("Location: http://localhost/pro...gn_in_form.php");
exit();
}
?>

and if click one time the Back button it inserts me in the system index page....I am confused....

#9 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 11 October 2006 - 11:04 AM

read my post again.
insert session check in the head of the script and the "else" statment before the body and html closing tags...
I don't need your script, I'll try to write it myself




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users