Page 1 of 1
Login/Logout Functionality
Posted: Mon Jan 12, 2009 6:09 am
by WillUK
I'm building a login/logout function for an application, which should show 'login' if the session has not been started, but 'logout' if it has been started. It works fine until I move to another linked page within the application, and then the notation will only show 'login'.
I thought that the way to resolve this would be to simply apply the 'session_name();' and 'session_start();' funtions to each of the documents within the scope of the application (as I have done for both the login and logout scripts), yet this doesn't seem to have resolved the issue.
Could anyone point me in the right direction??
Thanks
Re: Login/Logout Functionality
Posted: Mon Jan 12, 2009 3:08 pm
by andyhoneycutt
Seeing a bit of your code would help me quite a bit. That said, I usually run a check:
Code: Select all
session_start();
if(!empty($_SESSION['loginObject']))
if($_SESSION['loginObject']->isLoggedIn() === true)
{ ... }
-Andy
Re: Login/Logout Functionality
Posted: Mon Jan 12, 2009 8:38 pm
by daedalus__
you don't need session_name() get rid of that.
session_start() and then check for a ['username'] or similar session variable. if it isn't there or isn't valid, make them log-in.
you should session_start() at the beginning of every page.
it sounds like it either isn't starting, or there is an error in your code somewhere.
this tutorial is about as simple as it gets:
http://www.protycoon.com/2008/02/13/php ... -tutorial/
Re: Login/Logout Functionality
Posted: Mon Jan 12, 2009 11:25 pm
by invisibled
i always just check if the session is set, and i have session_start(); at line 1 of every page, usually in a header or config file
Code: Select all
if(isset($_SESSION['SESSIONNAME'])):
print 'logout';
else:
print 'login';
endif;
Re: Login/Logout Functionality
Posted: Tue Jan 13, 2009 12:35 am
by daedalus__
yeah but that only checks if the session exists not whether the user is logged in or logged out
Re: Login/Logout Functionality
Posted: Tue Jan 13, 2009 1:28 am
by paqman
When your user logs in successfully (however you wish to check they're a valid user) set a new session variable with their information. As was suggested (and what I usually use) something like $_SESSION["username"] works just fine. When they go to log out, you can use unset($_SESSION["username"]) to clear their username, and bam, they're logged out again.
If you want to have multiple pages which they must be logged in to see, you may want to create a validating file which you can include. Eg:
Code: Select all
<?
/*****************************
* verify.php
*****************************/
if(!isset($_SESSION["username"]))
{
?><p>You must be logged in to access this page.</p>
<a href="login.php">Log In</a><?
die();
}
?>
Add this at the start of any page you wish to lock non-users out of:
Code: Select all
<?
require_once("verify.php");
?>
Make sure you start your session on each page before including the verify file of course. Good luck.
Re: Login/Logout Functionality
Posted: Wed Jan 14, 2009 10:32 am
by WillUK
Thanks guys....
I did manage to resolve it
The code was fine, except I was placing the 'session_Start();' in the wrong place.
What exactly does the 'session_name();' function provide then? I have been using it in conjunction with 'session();', and the scripts are working fine....although if it is pointless, I will stop using it...I just got into the habit of using them both together, and didn't question the logic/reasoning...