Logout (cookies+session)
Posted: Sun Oct 17, 2004 5:30 am
I've got a problem with my logout page, whenever I try to logout, the cookies & session is still set. Here's my code for the login form (the part where the cookies and session info is set):
Here's the logout page:
Somehow, the cookies/session is kept, becuase I get logged in again when I open the admin page (which checks if im logged in, duh
).
I'm using an auto-login, here's the code for it (is included on every page):
Any ideas?
Thanks in advance, vigge
Code: Select all
<?php
## set cookie information if requested (lasts 20 days)
if ($_POST['rem'] != "on") { // clear cookies
@setcookie ('uid'); // uid - null
@setcookie ('pwd'); // pwd - null
} else { // set cookies
@setcookie ("uid", $uname, time() + (60*60*24*20)); // username
@setcookie ("pwd", $upass, time() + (60*60*24*20)); // md5 hashed password
} // check checkbox value
?>Code: Select all
<?php
if (!$_SESSION['admin']) #### only allow acces to logged in admins
header ('location: /p/login/');
## clear cookies
setcookie ('uid'); // uid - null
setcookie ('pwd'); // pwd - null
unset ($_COOKIE, $_SESSION);
### end session
session_destroy ();
?>I'm using an auto-login, here's the code for it (is included on every page):
Code: Select all
<?php
####### are there any cookies with information on the visitor? (username, password, etc.)
if (!empty ($_COOKIE['uid']) && !empty ($_COOKIE['pwd']) && !isset ($_SESSION['admin'])) { // cookies exists and user isn't already logged in
$query['autologin'] = @mysql_query ("SELECT * FROM `admins` WHERE `name` = '{$_COOKIE['uid']}'");
$autologin = @mysql_fetch_assoc ($query['autologin']);
if (!empty ($autologin['name']) && $_COOKIE['pwd'] == $autologin['password']) { // user exists and passwords match
### set session variables
$_SESSION['admin'] = true;
$_SESSION['user'] = $autologin['name'];
} // user exists and passwords match
} // cookies exists
?>Thanks in advance, vigge