Killing a global session variable as an exit button

Hi, users of Stackoverflow,

Since I was able to get some amazing help before with a problem I was stuck on for longer than I could remember, I thought I would come to you with this.

I am working with a login system that authenticates the user and kills the session, but currently it does not recognize the variables assigned to the session. After clicking the exit button, everything seems to work, but when I go directly to the Members page by entering it in the address bar, it loads the page instead of redirecting to the login page.

Members.php

    <?PHP
    session_start();
    if (!isset($_SESSION['username'])) {
        header('location:login.php');
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <title>The Animator BETA</title>
    <style>
    //CSS Has been removed as it lengthy and unrelated to the issue.
    </style>
    <!--[if lt IE 9]>
    <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
    <![endif]-->
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
    <script>
    $(document).ready(function(){
        $('#login-trigger').click(function(){
            $(this).next('#login-content').slideToggle();
            $(this).toggleClass('active');

            if ($(this).hasClass('active')) $(this).find('span').html('&#x25B2;')
            else $(this).find('span').html('&#x25BC;')
        })
    });
    </script>
    </head>
    <body>
    <header class="cf">
        <nav style="text-align:center"><a href="logout.php">Logout</a></nav>
    </header>
    <h1 style="text-align:center"> The Animator - BETA</h1>
    <hr />
    <div id="nav" style="text-align:center">
        <ul style="text-align:center">
            <li><a href= "#" ><strong>Home</strong></a></li>
            <strong><li><a href= "industrial.html" >Industrial</a></li>
            <li><a href= "educational.html" >Education</a></li>
            <li><a href= "independent.html" >Independent</a></li>
            <li><a href= "emergent.html" >Emergent</a></li>
            <li><a href= "team.html" >Team</a></li>
            <li><a href= "project.html" >Project</a></li>
            <li><a href= "budget.html" >Budget</a></li>
            <li><a href= "profile.html" >Profile</a></li></strong>
        </ul>
    </div>
    <hr />
    <div style="padding-left:19%"><input type="text" value="search" /> <input type="button" value="Search!" name="search"/> </div>
    <div>&nbsp;</div>
    <div align="center">
        <div><img src="logo.png" width="407" height="345" alt="Logo" usemap="sectors" /></div>
    </div>
    </div>
    <map name="sectors">
        <area shape="rect" coords="72,40,194,165" alt="Industrial" href="industrial.html">
        <area shape="rect" coords="210,38,328,162" alt="Emergent" href="emergent.html">
        <area shape="rect" coords="208,178,331,296" alt="Independent" href="independent.html">
        <area shape="rect" coords="71,177,194,295" alt="Educational" href="educational.html">
    </map>
    <div>&nbsp;</div>
    <div style="text-align:right"></div>
    <div>&nbsp;</div>
    <div id="footer">
        <hr />
        <p><strong><u><a href="about.html">About The Animator</a> | <a href="contact.html">Contact</a> | <a href="privacy.html">Privacy Policy</a> | <a href="faq.html">FAQ</a></u></strong><u></u></p>
    </div>
    </body>
    </html>

ENTRANCE PAGE

    <?php
    error_reporting(E_ALL);
    ini_set('display_errors',"On");
    include ('database_connection.php');
    if (isset($_POST['formsubmitted'])) {
        // Initialize a session:
        session_start();
        $error = array();//this array will store all error messages

        if (empty($_POST['e-mail'])) {//if the email supplied is empty
            $error[] = 'You forgot to enter your Email ';
        } else {
            if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) {
                $Email = $_POST['e-mail'];
            } else {
                $error[] = 'Your Email Address is invalid ';
            }
        }

        if (empty($_POST['Password'])) {
            $error[] = 'Please Enter Your Password ';
        } else {
            $Password = $_POST['Password'];
        }

        if (empty($error))//if the array is empty , it means no error found
        {
            $query_check_credentials = "SELECT * FROM account WHERE (email='$Email' AND passwords='$Password')";
            $result_check_credentials = mysqli_query($dbc, $query_check_credentials);
            if(!$result_check_credentials){//If the Query Failed
                echo 'Query Failed ';
            }

            if (@mysqli_num_rows($result_check_credentials) == 1)//if Query is successful
            {
                // A match was made.
                $_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable
                $_SESSION['email'] = $Email;
                session_start("username");
                header("Location: members.php");
            }else
            {
                $msg_error= 'Either Your Account is inactive or Email address /Password is Incorrect';
            }
        } else {
            echo '<div class="errormsgbox"> <ol>';
            foreach ($error as $key => $values) {
                echo ' <li>'.$values.'</li>';
            }
            echo '</ol></div>';
        }

        if(isset($msg_error)){
            echo '<div class="warning">'.$msg_error.' </div>';
        }
        /// var_dump($error);
        mysqli_close($dbc);
    } // End of the main Submit conditional.
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Login Form</title>
    <style type="text/css">
    body {
        font-family:"Lucida Grande", "Lucida Sans Unicode", Verdana, Arial, Helvetica, sans-serif;
        font-size:12px;
    }
    .registration_form {
        margin:0 auto;
        width:500px;
        padding:14px;
    }
    label {
        width: 10em;
        float: left;
        margin-right: 0.5em;
        display: block
    }
    .submit {
        float:right;
    }
    fieldset {
        background:#EBF4FB none repeat scroll 0 0;
        border:2px solid #B7DDF2;
        width: 500px;
    }
    legend {
        color: #fff;
        background: #80D3E2;
        border: 1px solid #781351;
        padding: 2px 6px
    }
    .elements {
        padding:10px;
    }
    p {
        border-bottom:1px solid #B7DDF2;
        color:#666666;
        font-size:11px;
        margin-bottom:20px;
        padding-bottom:10px;
    }
    a{
        color:#0099FF;
        font-weight:bold;
    }
    /* Box Style */
    .success, .warning, .errormsgbox, .validation {
        border: 1px solid;
        margin: 0 auto;
        padding:10px 5px 10px 60px;
        background-repeat: no-repeat;
        background-position: 10px center;
        font-weight:bold;
        width:450px;
    }
    .success {
        color: #4F8A10;
        background-color: #DFF2BF;
        background-image:url('images/success.png');
    }
    .warning {
        color: #9F6000;
        background-color: #FEEFB3;
        background-image: url('images/warning.png');
    }
    .errormsgbox {
        color: #D8000C;
        background-color: #FFBABA;
        background-image: url('images/error.png');
    }
    .validation {
        color: #D63301;
        background-color: #FFCCBA;
        background-image: url('images/error.png');
    }
    </style>
    </head>
    <body>
    <form action="login.php" method="post" class="registration_form">
        <fieldset>
            <legend>Login Form </legend>
            <p>Enter Your username and Password Below </p>
            <div class="elements">
                <label for="name">Email :</label>
                <input type="text" id="e-mail" name="e-mail" size="25" />
            </div>
            <div class="elements">
                <label for="Password">Password:</label>
                <input type="password" id="Password" name="Password" size="25" />
            </div>
            <div class="submit">
                <input type="hidden" name="formsubmitted" value="TRUE" />
                <input type="submit" value="Login" />
            </div>
        </fieldset>
    </form>
    <button onclick="window.location='theanimator.html';">Go Back!</button>
    </body>
    </html>

LOGOUT

    <?php
    unset($_SESSION['email']);
    header('Location: login.php');
    exit;
    ?>
+3
1 answer

Your exit page should be as follows:

    <?php
    //start the session
    session_start();
    //this will destroy the session that is started
    session_destroy();
    header('Location: login.php');
    exit;
    ?>

The problem was that you did not destroy the session, so the session exists when you return to the page.

You are also checking $_SESSION['username'], but you unset $_SESSION['email'], which will never work.

+3
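
One way to keep login, the page guard and logout agreeing on the same session key, as an added example that is not part of the original question or answer; the file name, the function names and the `SESSION_USER_KEY` constant are hypothetical. It goes slightly beyond the answer by also expiring the session cookie on logout and by stopping the script after the redirect in the guard.

```php
<?php
// session_helpers.php (hypothetical file name; added example, not the asker's code)

const SESSION_USER_KEY = 'username'; // the single key that login, guard and logout all use

// login.php: call only after the credentials have been verified.
function log_in(string $username): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);             // fresh session ID at login; old session data is deleted
    $_SESSION[SESSION_USER_KEY] = $username; // set the exact key that the guard checks
}

// members.php: call at the very top, before any output is sent.
function require_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (!isset($_SESSION[SESSION_USER_KEY])) {
        header('Location: login.php');
        exit; // header() alone does not stop the script; the page body would still be sent
    }
}

// logout.php: the whole file can be a call to this function.
function log_out(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();                     // the stored session is not loaded until this runs
    }
    $_SESSION = [];                          // drop all session data for this request
    if (ini_get('session.use_cookies')) {    // expire the session cookie in the browser
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();                       // delete the server-side session data
    header('Location: login.php');
    exit;
}
```

After `log_out()` runs, a direct request for members.php starts a new, empty session, so `require_login()` redirects to the login page.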