logout button problem

[jmahdi]

Hi there I have this problem with a button that should destroy sessions and then redirects to login page when clicked, pointing to this method:

 

public function logout(){
$this->logged_in = false;
session_start();
session_unset();
session_destroy();
redirect_to("login.php");
    }

 

the function is called as bellow:

             <form>
	    <input id="logout" name="logout" type="submit" value="logout" onClick="<?php $session->logout(); 
	    ?> " />
	</form>

which is available on a page called index.php, which is the default page where you'll be directed to when logged in or just registered. unfortunately when I'm supposed to be to this page and before even clicking on the button, the function just does the work and redirects to the login page!!!.....any help please

 

 

 

 

 

 

[mikesta707]

You can't set a PHP function to happen on an onclick event. Thats for client-side scripting languages (like javascript). PHP is run on the server side, so essentially you are just telling PHP to run that function at that point in the code. You could simply make a logout.php page, and run the logout code on that page. It will redirect so its not like the user will be stuck on the logout page.

[jmahdi]

You can't set a PHP function to happen on an onclick event. Thats for client-side scripting languages (like javascript). PHP is run on the server side, so essentially you are just telling PHP to run that function at that point in the code. You could simply make a logout.php page, and run the logout code on that page. It will redirect so its not like the user will be stuck on the logout page.

 

thanks for the advice, I think this should solve it

[Ivan Ivković]

The problem in mikesta's possible solution is that if someone would type 'logout.php' in the browser, he would be logged in.

 

So it's good to create a link with a encrypted $_GET variable like this:

 

LOGOUT BUTTON ON THE PAGE:

 

$getvalue = 'ok';

$get = urlencode($getvalue);

echo "<a href='logout.php?logout={$get}'>Logout</a>";

 

ONCLICK: (logout.php)

 

if(isset($_GET['logout'])){

  $get = urldecode($_GET['logout']);

  if($get == 'ok'){

      $session->logout(); 

  }else{

      header('index.php');

  }

}

 

P.S. I think there is no redirect_to() function in PHP.

Use header('Location: login.php');

[Muddy_Funster]

The problem in mikesta's possible solution is that if someone would type 'logout.php' in the browser, he would be logged in.

 

So it's good to create a link with a encrypted $_GET variable like this:

 

LOGOUT BUTTON ON THE PAGE:

 

$getvalue = 'ok';

$get = urlencode($getvalue);

echo "<a href='logout.php?logout={$get}'>Logout</a>";

 

ONCLICK: (logout.php)

 

if(isset($_GET['logout'])){

  $get = urldecode($_GET['logout']);

  if($get == 'ok'){

      $session->logout(); 

  }else{

      header('index.php');

  }

}

 

P.S. I think there is no redirect_to() function in PHP.

Use header('Location: login.php');

redirect_to() is likely a custom function that has been written to do just that, and there is no need to encrypt a $_GET variable, as logout.php does not render the end user automaticly logged in, I think you may have missunderstood that bit as it's not even a page, it's a function.  Besides, $_POST would be much easier for what you're suggesting.

 

P.S. urlencode is not an encryption method.

P.P.S. There is no PHP 'ONCLICK:()' function.

[jmahdi]

thanks all for your help, I think the first solution did the job and its working fine now....cheers all