Page 1 of 1
help with "logout" Issues !
Posted: Thu Oct 23, 2003 12:24 pm
by nirma78
Hi !!
I am trying to use PHP and Oracle for my web application. What I want is when a user clicks on "logout" (which is a html link) it should change the status or set a flag so that when the user triest to click the "Back" Button of the browser (IE) he/she should not be able to see any data.
I am using headers in my code so am not able to use sessions, also tried with $GLOBALS[] of PHP but am still not able to make it work. Is there any way / method to get this thing straight ???
PLEASE HELP !!
Thanks in advance.
wait
Posted: Thu Oct 23, 2003 12:33 pm
by itsmani1
Wel me can do ur help but u hav to wait till tomarrow com i have done it and will mail u the the code that is in my office and now i m at home so i will mail u but if u can wait till tomarrow.
byeee
Posted: Thu Oct 23, 2003 1:12 pm
by nirma78
Thank you for your reply.
Will be looking forward for your reply.
Posted: Fri Oct 24, 2003 8:06 am
by nirma78
Please let me know if anyone is having idea of how to do this ??
Thanks
????
Posted: Fri Oct 24, 2003 10:32 am
by itsmani1
ok
wait for it ...............
Posted: Fri Oct 24, 2003 10:36 am
by devork
ok
so you want not let the user to view the data after logout righ?
this is link to script
<a href=logout.php> Logout </a>
logout.php
if you are using sessions
Code: Select all
<?php
session_unset();
session_destroy();
echo "You have been loged out ";
?>
will destroy all your session variables
now make function
Code: Select all
<?php
function check_login(){
//if headers are not already send then session_start()
session_start();
if(session_is_register("validUser")) return true;
else return false;
}
now in your every page
if (!check_login()){
echo "Please Login First ! ";
}
?>
also read about the php security
gl
Posted: Fri Oct 24, 2003 11:13 am
by nirma78
Thank you very much for your help.
Since I am using header in every page... I am getting below error :
Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/httpd/htdocs/gbcb/header.inc.php:9) in /home/httpd/htdocs/gbcb/check_login.php on line 4
Is there any other way I can handle this, because not using headers now would be lot of more work.
Thanks in advance
Posted: Fri Oct 24, 2003 2:54 pm
by d3ad1ysp0rk
However you declare header variables (username and password), declare them as "NULL" and then if you have if statements that check to make sure the username and password is right, it won't work because they will be NULL instead of the right thing.. if u know what i mean
how to do it in sessions:
Code: Select all
<?PHP
if($act=="logout")
{
$_SESSION['uid'] = NULL;
$_SESSION['pwd'] = NULL;
session_destroy();
}
?>
just add something like that (with headers instead of sessions) in ur file, and that way u dont need to make a whole new page, you can just refresh the current one
Posted: Fri Oct 24, 2003 6:18 pm
by JAM
Just adding a note; if you start all your scripts with an ob_start() and end them with an ob_end_flush() (having the rest of your code between them), you are (most likely) able to walk past the "headers allready sendt" issues.
More at
http://se.php.net/manual/en/function.ob-start.php
In reply to
LiLpunkSkateR;
You do not need to NULL the values. Not fun if you need to kill 28 theoretical session vars, where some of them perhaps are dynamicly made...
...so you don't know their name...
This is sufficient.
Code: Select all
session_unset(); // kills $_SESSION = array();
session_destroy(); // kills $_SESSION's