lobstahcrushah
Reputation: 54
Problems logging out - have to click logout twice
I'm hoping someone can help with an issue which, intuitively, should be simple, but the answer eludes me. For some reason, when my user logs out, he has to click log out twice to make it work. I've read this:
Any idea why I have to click the logout button twice to logout?
But it doesn't seem to be working. Here is my logout button code. Any thoughts? Thank you!
<div id="loginStatusWrap">
<div id="loginStatus">
<?php
include('includes/APILogin.php');
if ( isset( $_POST['logout_btn'] ) )
{
unset($_COOKIE['kp_emailID']);
unset($_COOKIE['kp_pass']);
session_destroy();
}
// Check for login cookie - skip if session is available
if ( isset($_COOKIE['kp_emailID']) && isset($_COOKIE['kp_pass']) && !isset($_SESSION['kp_accountID']) )
{
$username = $_COOKIE['kp_emailID'];
$pass = $_COOKIE['kp_pass'];
$get_account_parameters = array(
'session' => $session_id,
'module_name' => 'kd_kp',
'query' => "kd_kp_cstm.username_c = '" . $_COOKIE['kp_emailID'] . "'",
'order_by' => "",
'offset' => '0',
'select_fields' => array(
//'username_c',
//'password_c',
//'id',
//'name',
),
'link_name_to_fields_array' => array( ),
'max_results' => '1',
'deleted' => '0',
'Favorites' => false,
);
$get_account_result = call('get_entry_list', $get_account_parameters, $url);
//echo '<pre>'; print_r($get_account_result); echo '</pre>';
if ( $_COOKIE['kp_pass'] != $get_account_result->entry_list[0]->name_value_list->password_c->value )
{
// not logged in
session_unset();
session_destroy();
?>
<div id="loginForm">
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="text" placeholder="EMAIL" value="<?=$_COOKIE['kp_emailID']?>" name="signIn_email" id="signIn_email"/>
<input type="password" placeholder="PASSWORD" id="signIn_pwd" name="signIn_pwd" />
<input type="submit" value="SIGN IN" name="login_btn" id="login_btn" />
<!--input type="submit" value="SIGN UP" name="signup_btn" id="signup_btn" /-->
</form>
</div><!-- //logInForm -->
<?php
} else {
// is logged in
$_SESSION['kp_accountID'] = $get_account_result->entry_list[0]->name_value_list->id->value;
$_SESSION['kp_name'] = $get_account_result->entry_list[0]->name_value_list->name->value;
// set cookies
$hour = time() + 3600;
setcookie("kp_emailID", $get_account_result->entry_list[0]->name_value_list->email1->value, $hour, "/", "kp.com");
setcookie("kp_pass", $get_account_result->entry_list[0]->name_value_list->password_c->value, $hour, "/", "kp.com");
?>
<div id="loginForm">
<h1>WELCOME, <?=$get_account_result->entry_list[0]->name_value_list->name->value?>
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
<input type="submit" value="LOG OUT" name="logout_btn" id="logout_btn" />
</form>
</div>
<?php
}
}
//if the login form is submitted
if ( isset( $_POST['login_btn'] ) )
{
// checks it against the database
if ( !get_magic_quotes_gpc() )
{
$_POST['signIn_email'] = addslashes($_POST['signIn_email']);
}
$get_account_parameters = array(
'session' => $session_id,
'module_name' => 'kd_kp',
'query' => "kd_kp_cstm.username_c = '".$_POST['signIn_email']."'",
'order_by' => "",
'offset' => '0',
'select_fields' => array(
//'username_c',
//'password_c',
//'id',
//'name',
),
'link_name_to_fields_array' => array( ),
'max_results' => '1',
'deleted' => '0',
'Favorites' => false,
);
$get_account_result = call('get_entry_list', $get_account_parameters, $url);
//Gives error if user dosen't exist
if ( $get_account_result->result_count == 0 )
{
?>
<div id="loginForm">
<a href='/sign-up.php'>Click Here to Register</a>
</div>
<?php
}
$_POST['pass'] = md5( stripslashes($_POST['signIn_pwd']) );
//gives error if the password is wrong
if ( $_POST['pass'] != stripslashes($get_account_result->entry_list[0]->name_value_list->password_c->value) )
{
//if ( !isset($get_account_result->entry_list[0]->name_value_list->password_c->value) )
{
?>
<div id="loginForm">
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="text" placeholder="EMAIL: TRY AGAIN" name="signIn_email" id="signIn_email"/>
<input type="password" placeholder="PASSWORD" id="signIn_pwd" name="signIn_pwd" />
<input type="submit" value="SIGN IN" name="login_btn" id="login_btn" />
<!--input type="submit" value="SIGN UP" name="signup_btn" id="signup_btn" /-->
</form>
</div><!-- //logInForm -->
<?php
}
//echo '<pre>'; print_r($_POST); echo '</pre>';
} else {
// if login is ok then we update session vars
$_SESSION['kp_emailID'] = stripslashes($_POST['signIn_email']);
//$_SESSION['kp_pass'] = $_POST['pass'];
$_SESSION['kp_accountID'] = $get_account_result->entry_list[0]->name_value_list->id->value;
$_SESSION['kp_name'] = $get_account_result->entry_list[0]->name_value_list->name->value;
?>
<div id="loginForm">
<h1>WELCOME, <?=$get_account_result->entry_list[0]->name_value_list->name->value?></h1>
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
<input type="submit" value="LOG OUT" name="logout_btn" id="logout_btn" />
</form>
</div><!-- //logInForm -->
<?php
}
} else {
// check for active session
if ( isset($_SESSION['kp_accountID']) )
{
?>
<div id="loginForm">
<h1>WELCOME, <?=$_SESSION['kp_name']?></h1>
<form action="<?=$_SERVER['PHP_SELF']?>" method="post">
<input type="submit" value="LOG OUT" name="logout_btn" id="logout_btn" />
</form>
</div>
<?php
} else {
// if they are not logged in
?>
<div id="loginForm">
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="text" placeholder="EMAIL" name="signIn_email" id="signIn_email"/>
<input type="password" placeholder="PASSWORD" id="signIn_pwd" name="signIn_pwd" />
<input type="submit" value="SIGN IN" name="login_btn" id="login_btn" />
<!--input type="submit" value="SIGN UP" name="signup_btn" id="signup_btn" /-->
</form>
</div><!-- //logInForm -->
<?php
}
}
//echo '<div style="float:left;"><pre>'; print_r($_POST); echo '</pre></div>';
//echo '<div style="float:left;"><pre>'; print_r($_SESSION); echo '</pre></div>';
//echo '<div style="float:left;"><pre>'; print_r($_COOKIE); echo '</pre></div>';
?>
<div class="clear"></div>
</div><!-- //loginStatus -->
</div><!-- //loginStatusBar -->
<!-- END loginbar.php !-->
Thank you!
Upvotes: 0
Views: 2908
Answers (4)
John Pitts
Reputation: 1
If you are logged into a third party website via FB, you must log out twice to complete the logout.
Upvotes: -2
ankit
Reputation: 86
After you destroy the session, redirect to the login page, so that the page refreshes.
Upvotes: 0
rockerest
Reputation: 10518
The browser doesn't recognize cookie changes until after a page reload.
Your first click is unsetting the cookies, but the user remains logged in.
Your second click is "reloading" the page, where the cookies are now unset, and it appears to work.
Add a redirect to the same page (after unsetting and destroying the session) to simulate a refresh, and your button should work.
p.s.
This is a simplified version of how cookies work, but it's basically accurate.
Since you're unsetting the cookie on the server, you have to request the page again to be given the new http headers that DON'T contain the old cookie information. That's what the reload would do.
Upvotes: 0
Glitch Desire
Reputation: 15043
Probably because this code isn't running before the part of the page that shows the user is logged in loads. Thus, the HTML shows that he is logged in but really he isn't.
Upvotes: 4
Related Questions
- Logout requering to click twice
- PHP Login/Logout Issues
- PHP, MySQL - login\logout issue, login only after second attempt
- PHP Logout And Session Issues
- Logout problem /session not destroyed
- logout.php is not working second time
- Not able to log out
- PHP Logout Problem?
- PHP sign out with session issue
- Problem logging users out