help with "logout" Issues !
Moderator: General Moderators
help with "logout" Issues !
Hi !!
I am trying to use PHP and Oracle for my web application. What I want is when a user clicks on "logout" (which is a html link) it should change the status or set a flag so that when the user triest to click the "Back" Button of the browser (IE) he/she should not be able to see any data.
I am using headers in my code so am not able to use sessions, also tried with $GLOBALS[] of PHP but am still not able to make it work. Is there any way / method to get this thing straight ???
PLEASE HELP !!
Thanks in advance.
I am trying to use PHP and Oracle for my web application. What I want is when a user clicks on "logout" (which is a html link) it should change the status or set a flag so that when the user triest to click the "Back" Button of the browser (IE) he/she should not be able to see any data.
I am using headers in my code so am not able to use sessions, also tried with $GLOBALS[] of PHP but am still not able to make it work. Is there any way / method to get this thing straight ???
PLEASE HELP !!
Thanks in advance.
- itsmani1
- Forum Regular
- Posts: 791
- Joined: Mon Sep 29, 2003 2:26 am
- Location: Islamabad Pakistan
- Contact:
wait
Wel me can do ur help but u hav to wait till tomarrow com i have done it and will mail u the the code that is in my office and now i m at home so i will mail u but if u can wait till tomarrow.
byeee
byeee
- devork
- Forum Contributor
- Posts: 213
- Joined: Fri Aug 08, 2003 6:44 am
- Location: p(h) developer's network
ok
so you want not let the user to view the data after logout righ?
this is link to script
<a href=logout.php> Logout </a>
logout.php
if you are using sessions
will destroy all your session variables
now make function
also read about the php security
gl
so you want not let the user to view the data after logout righ?
this is link to script
<a href=logout.php> Logout </a>
logout.php
if you are using sessions
Code: Select all
<?php
session_unset();
session_destroy();
echo "You have been loged out ";
?>now make function
Code: Select all
<?php
function check_login(){
//if headers are not already send then session_start()
session_start();
if(session_is_register("validUser")) return true;
else return false;
}
now in your every page
if (!check_login()){
echo "Please Login First ! ";
}
?>gl
Thank you very much for your help.
Since I am using header in every page... I am getting below error :
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4
Is there any other way I can handle this, because not using headers now would be lot of more work.
Thanks in advance
Since I am using header in every page... I am getting below error :
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4
Is there any other way I can handle this, because not using headers now would be lot of more work.
Thanks in advance
-
d3ad1ysp0rk
- Forum Donator
- Posts: 1661
- Joined: Mon Oct 20, 2003 8:31 pm
- Location: Maine, USA
However you declare header variables (username and password), declare them as "NULL" and then if you have if statements that check to make sure the username and password is right, it won't work because they will be NULL instead of the right thing.. if u know what i mean
how to do it in sessions:
just add something like that (with headers instead of sessions) in ur file, and that way u dont need to make a whole new page, you can just refresh the current one
how to do it in sessions:
Code: Select all
<?PHP
if($act=="logout")
{
$_SESSION['uid'] = NULL;
$_SESSION['pwd'] = NULL;
session_destroy();
}
?>Just adding a note; if you start all your scripts with an ob_start() and end them with an ob_end_flush() (having the rest of your code between them), you are (most likely) able to walk past the "headers allready sendt" issues.
More at http://se.php.net/manual/en/function.ob-start.php
In reply to LiLpunkSkateR;
You do not need to NULL the values. Not fun if you need to kill 28 theoretical session vars, where some of them perhaps are dynamicly made......so you don't know their name...
This is sufficient.
More at http://se.php.net/manual/en/function.ob-start.php
In reply to LiLpunkSkateR;
You do not need to NULL the values. Not fun if you need to kill 28 theoretical session vars, where some of them perhaps are dynamicly made...
Code: Select all
$_SESSION[Rand()] = 'foo';This is sufficient.
Code: Select all
session_unset(); // kills $_SESSION = array();
session_destroy(); // kills $_SESSION's