Jump to content

Record Log out status


Recommended Posts

Hi I'm trying to record the status of a user when they log out but I can't work out where I'm going wrong. Any help would be fantastic

Cheers Chris

 

Button

<a href="<?php echo $logoutAction ?>">Log out</a>

Log Out 

<?php
//initialize the session
if (!isset($_SESSION)) {
  session_start();
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);

//Record log in and out Status
$query=("UPDATE authorise SET authorise.authorise_status = 'Logged Out' WHERE authorise.authorise_username = '$_SESSION[MM_Username]'");
$result=mysql_query($query);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session varialbles
$_SESSION['MM_Username'] = NULL;
	$_SESSION['MM_UserGroup'] = NULL;
	$_SESSION['PrevUrl'] = NULL;
	$_SESSION["skill"] = NULL;
	$_SESSION["email"] = NULL;
	$_SESSION["firstname"] = NULL;
	$_SESSION["department"] = NULL;
	$_SESSION["fullname"] = NULL;
  unset($_SESSION['MM_Username']);
  unset($_SESSION['MM_UserGroup']);
  unset($_SESSION['PrevUrl']);
  unset($_SESSION['skill']);
  unset($_SESSION['email']);
  unset($_SESSION['firstname']);
  unset($_SESSION['department']);
  unset($_SESSION['fullname']);
	
  $logoutGoTo = "../index.php";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>

 

Link to post
Share on other sites

Seems OK except for

  1. You need to call session_start() at beginning of every page that uses $_SESSION. As $_SESSION is always set, your code never calls it.
  2. $logoutAction - a lot of messing to set a variable that never gets used. Why not just check if $_GET['logout'] is set and equal to "true"
  3. mysql_* functions have been deprecated for years and now (since 7.0) no longer exist. Use PDO functions instead. Used prepared statements instead of putting variables directly into the query.
  4. You don't appear to be connecting to a database server anywhere.
  5. The only session variable you should be storing is the username.
  6. You set $logoutGoTo then immediately check it has a value - why?

You should have error reporting turned on.

Edited by Barand
Link to post
Share on other sites
This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.