help with "logout" Issues !

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
nirma78
Forum Commoner
Posts: 42
Joined: Wed Sep 17, 2003 2:02 pm

help with "logout" Issues !

Post by nirma78 »

Hi !!

I am trying to use PHP and Oracle for my web application. What I want is when a user clicks on "logout" (which is a html link) it should change the status or set a flag so that when the user triest to click the "Back" Button of the browser (IE) he/she should not be able to see any data.

I am using headers in my code so am not able to use sessions, also tried with $GLOBALS[] of PHP but am still not able to make it work. Is there any way / method to get this thing straight ???


PLEASE HELP !!

Thanks in advance.
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

wait

Post by itsmani1 »

Wel me can do ur help but u hav to wait till tomarrow com i have done it and will mail u the the code that is in my office and now i m at home so i will mail u but if u can wait till tomarrow.

byeee
nirma78
Forum Commoner
Posts: 42
Joined: Wed Sep 17, 2003 2:02 pm

Post by nirma78 »

Thank you for your reply.

Will be looking forward for your reply.
nirma78
Forum Commoner
Posts: 42
Joined: Wed Sep 17, 2003 2:02 pm

Post by nirma78 »

Please let me know if anyone is having idea of how to do this ??

Thanks
User avatar
itsmani1
Forum Regular
Posts: 791
Joined: Mon Sep 29, 2003 2:26 am
Location: Islamabad Pakistan
Contact:

????

Post by itsmani1 »

ok

wait for it ...............
User avatar
devork
Forum Contributor
Posts: 213
Joined: Fri Aug 08, 2003 6:44 am
Location: p(h) developer's network

Post by devork »

ok
so you want not let the user to view the data after logout righ?
this is link to script
<a href=logout.php> Logout </a>

logout.php
if you are using sessions

Code: Select all

<?php
session_unset();
session_destroy();
echo "You have been loged out ";

?>
will destroy all your session variables

now make function

Code: Select all

<?php
function check_login(){ 
         //if headers are not already send then session_start() 
        session_start();
        if(session_is_register("validUser")) return true;
        else return false;

}

now in your every page 

if (!check_login()){

       echo "Please Login First ! ";

}
?>
also read about the php security
gl
nirma78
Forum Commoner
Posts: 42
Joined: Wed Sep 17, 2003 2:02 pm

Post by nirma78 »

Thank you very much for your help.

Since I am using header in every page... I am getting below error :

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4


Is there any other way I can handle this, because not using headers now would be lot of more work.

Thanks in advance
d3ad1ysp0rk
Forum Donator
Posts: 1661
Joined: Mon Oct 20, 2003 8:31 pm
Location: Maine, USA

Post by d3ad1ysp0rk »

However you declare header variables (username and password), declare them as "NULL" and then if you have if statements that check to make sure the username and password is right, it won't work because they will be NULL instead of the right thing.. if u know what i mean


how to do it in sessions:

Code: Select all

<?PHP 
if($act=="logout")
{
    $_SESSION['uid'] = NULL;
    $_SESSION['pwd'] = NULL;
    session_destroy();
}
?>
just add something like that (with headers instead of sessions) in ur file, and that way u dont need to make a whole new page, you can just refresh the current one
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Just adding a note; if you start all your scripts with an ob_start() and end them with an ob_end_flush() (having the rest of your code between them), you are (most likely) able to walk past the "headers allready sendt" issues.

More at http://se.php.net/manual/en/function.ob-start.php

In reply to LiLpunkSkateR;
You do not need to NULL the values. Not fun if you need to kill 28 theoretical session vars, where some of them perhaps are dynamicly made...

Code: Select all

$_SESSION[Rand()] = 'foo';
...so you don't know their name...

This is sufficient.

Code: Select all

session_unset(); // kills $_SESSION = array();
session_destroy(); // kills $_SESSION's
Post Reply