HELP with Logout issues in PHP

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
nirma78
Forum Commoner
Posts: 42
Joined: Wed Sep 17, 2003 2:02 pm

HELP with Logout issues in PHP

Post by nirma78 »

Hi I am working on an web application using PHP and Oracle.

I have a logout link on each page. What I need to know is if the User at any point clicks on the logout link the user should not be able to go back to any of the earlier pages and should be given a message that they are logged out.

How can I do this in PHP.

I am using header () in my files (and so cannot use sessions ) and also am using the ADOdb Abstraction layer.

Please help !!

Thanks in advance.
User avatar
Jean-Yves
Forum Contributor
Posts: 148
Joined: Wed Jul 02, 2003 2:13 pm
Location: West Country, UK

Post by Jean-Yves »

Hi,

I use header() in my scripts, and they do include sessions. I use output buffering and if I use header() to, say, redirect, I just ob_end_clean() and then redirect.

I track my user-based session variable to see if it exists. If it does, then the user is logged in and may enter restricted pages, otherwise it was destroyed when they logged out and they cannot.

Hope that helps.
m3rajk
DevNet Resident
Posts: 1191
Joined: Mon Jun 02, 2003 3:37 pm

Post by m3rajk »

umm... header doesn't need to be the first thing (even though session_start does). it just needs to be the first thing sent as output.
nirma78
Forum Commoner
Posts: 42
Joined: Wed Sep 17, 2003 2:02 pm

Post by nirma78 »

Thank you all for your replies.

Hey Jean-Yves !! could you send me a piece of code if possible , wasnt exactly sure of how to do it.

Thanks in advance.
User avatar
Jean-Yves
Forum Contributor
Posts: 148
Joined: Wed Jul 02, 2003 2:13 pm
Location: West Country, UK

Post by Jean-Yves »

Try something like this (off the top of my head, haven't tested it!):

Assuming that you're testing to see if they are logged in, using a session variable called "user":

Code: Select all

ob_start();
session_start();

echo "HELLO WORLD!"; // or in reality, any other code that causes headers to be sent

if(!isset($_SESSION["user"])){
  ob_end_clean();
  header("location: ./mypath/errorPage?errorText=" . urlencode("- You are not logged in"));
}
echo "<br/>";
echo "Hello " . $_SESSION["user"]; 

ob_end_flush(); //This will send the whole html
On the logout page, use:

Code: Select all

unset($_SESSION["user"]);
to destroy the session.

Hope that this helps.
Post Reply