Reputation: 185
How to logout a user in php?
I am making a login system and I just got it to work, and now I am having difficulty making a logout feature for my website. Its not actually hosted yet, so security will come later. I have tried various uses of session_destroy and unset, but i cannot get it to work. Any help would be appreciated.
My PHP
<?php
session_start();
/*This is the equivalent of login.php*/
$database = "forum"; // the name of the database.
$server = "localhost"; // server to connect to.
$db_user = "root"; // mysql username to access the database with.
$db_pass = ""; // mysql password to access the database with.
$table = "members"; // the table that this script will set up and use.
$link = mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database,$link);
if (isset($_POST['fsubmitted'])) {
// Get the data passed from the form
$username = $_POST['username'];
$pass = $_POST['pass'];
// Do some basic sanitizing
$username = stripslashes($username);
$pass = stripslashes($pass);
$encryptedpass = md5($pass);
$sql = "SELECT * from members where username = '$username' and password = '$encryptedpass'";
$result = mysql_query($sql);
$count = 0;
$count = mysql_num_rows($result);
if ($count == 1) {
$_SESSION['loggedIn'] = "true";
header("Location: index.php"); // This is wherever you want to redirect the user to
exit();
} else {
$_SESSION['loggedIn'] = "false";
echo '<div class="errormsgbox">Your username and password combo was incorrect!</div>';
var_dump($result);
echo $sql;
}
}
if ($_SESSION['loggedIn'] = "true") {
echo '<div class="success">You are now logged in!</div>';
}
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset(); // unset $_SESSION variable for the run-time
session_destroy(); // destroy session data in storage
}
$_SESSION['loggedin'] = time(); // update last activity time stamp
?>
Upvotes: 1
Views: 30250
Answers (4)
Reputation: 1900
I would try using this function:
function logout(){
if(session_id() == '') { // start session if none found
session_start();
}
session_unset();
session_destroy();
unset($_SESSION['loggedIn']);
}
All you need to do to use this function is call logout(); where ever you want to have the person logged out.
Upvotes: 0
Reputation: 6150
I can see two errors in your code:
- You have not started the session
- You have not told the code which session to unset/destroy
Starting the session:
Put this as the first line of your PHP code: session_start();
Logging out
Lets take a closer look at this block of code:
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset(); // unset $_SESSION variable for the run-time
session_destroy(); // destroy session data in storage
}
You have not told the code which session to unset or destroy!
To do that, you must include a session variable inside of the parentheses.
Try this code:
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset($_SESSION['loggedin']); // unset $_SESSION variable for the run-time
session_destroy($_SESSION['loggedin']); // destroy session data in storage
}
All i did was, told the code which session to unset and destroy
UPDATE
Try this instead if that didn't quite work for you.
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
unset($_SESSION['loggedin']); // unset $_SESSION variable for the run-time
$_SESSION['loggedin'] = "false";
}
Another good thing to take a look at is having a logout button. This is explained here: Logout button php
I hope this helped you out, and let me know if I can be of further help!
Upvotes: 2
Reputation: 32118
Use:
session_start();
With either of the following:
session_destroy();
session_unset();
unset($_SESSION["loggedin"]);
$_SESSION = array();
Upvotes: 3
Reputation: 20993
In your script to log someone out, simply have:
session_start();
unset($_SESSION);
session_destroy();
You should also call session_start() at some point in your login.php you have shown above.
Upvotes: 0
Related Questions
- PHP - How to logout all logged in users?
- Logout from all session
- logout php session using javascript
- proper way to logout from a session in PHP
- how to logout admin or user php
- Session logout without closing the session
- Force user to logout session PHP
- How to kill a session after logging out using php
- How to destroy session and log out
- How to log out an user in php?