Reputation: 1511
Here is the code
I dont know whats wrong with it.
<?php
//Logout code
//Starting Session
session_start();
//Include
include ("includes/mass.php");
//Check if the user is logged in
$username = $_SESSION['username'];
$logged_in_query = "SELECT * FROM user WHERE loggedin='1' AND username='$username'";
$check_if_logged_in = mysql_query($logged_in_query);
if (isset($username))
{ while ($row = mysql_fetch_array($check_if_logged_in))
{
$logged_in = $row['loggedin'];
if ($logged_in == 1)
{
//User becomes logged out on database records
$sql_logout = "UPDATE user SET loggedin='0' WHERE loggedin='1' AND username='$username'";
$logout_query = mysql_query($logout_query);
//Logout page
session_destroy();
echo "You have been logged out.","<br>"."<a href='index.php'>Click Here To Go Back</a>";
}
}
} else
{
echo"You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
}
?>
Upvotes: 0
Views: 207
Reputation: 8700
I would use something like this:
<?php
//Logout code
//Starting Session
session_start();
//Include
include ("includes/mass.php");
//Check if the user is logged in
$username = $_SESSION['username'];
if (isset($username))
{
$logged_in_query = "SELECT * FROM user WHERE loggedin='1' AND username='".$username."' LIMIT 1";
$check_if_logged_in = mysql_query($logged_in_query);
$logged_in = mysql_fetch_field($check_if_logged_in);
if ($logged_in == 1)
{
//User becomes logged out on database records
$sql_logout = "UPDATE user SET loggedin='0' WHERE loggedin='1' AND username='".$username."' LIMIT 1";
$logout_query = mysql_query($logout_query);
if ($logout_query)
{
//Logout page
session_destroy();
echo "You have been logged out.","<br>"."<a href='index.php'>Click Here To Go Back</a>";
}
else
{
//Couldn't update the user table to set your login status.
echo "MYSQL Error, please contact admin LO-2";
exit();
}
}
else
{
echo "You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
}
}
else
{
echo "You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
}
?>
Not tested
Max
Upvotes: 0
Reputation: 1079
what you have written is very bad code. i would suggest you do like this 1. create a session in the login page once their username and password matches with the entry in the db 2. destroy that session when they say log out.
your implementation of checking the user using db is not scalable. everytime it gets executed and its not the right idea of doing it.
Upvotes: 1
Reputation: 13461
Do you have a mysql link object (from mysql_connect() / mysql_select_db() ?) From your comments below, it doesn't sound that way.
This SQL is wrong:
$sql_logout = "UPDATE user WHERE loggedin='1' AND username='$username'";
Should be:
$sql_logout = "UPDATE user SET loggedin=0 WHERE loggedin='1' AND username='$username'";
?
You probably also mean to be using mysql_fetch_assoc() instead of mysql_fetch_array().
This line:
$logout_query = mysql_query($logout_query);
Should be
$logout_query = mysql_query($sql_logout);
Put in your correct mysql connection and db information and try to run this. Please post the output.
<?php
//Logout code
//Starting Session
session_start();
echo "hello<br />";
//Include
include ("includes/mass.php");
echo "no problem in mass.php!<br />";
// FILL ME IN
$my_link = mysql_connect($server, $username, $password, TRUE);
mysql_select_db('your_db', $link);
//Check if the user is logged in
$username = $_SESSION['username'];
$logged_in_query = "SELECT loggedin FROM user WHERE loggedin='1' AND username='$username'";
echo $logged_in_query . "<br />";
$check_if_logged_in = mysql_query($logged_in_query, $my_link);
var_dump(mysql_num_rows($check_if_logged_in));
if (isset($username))
{
while ($row = mysql_fetch_assoc($check_if_logged_in))
{
var_dump($row);
$logged_in = $row['loggedin'];
if ($logged_in == 1)
{
//User become logged out on database records
$sql_logout = "UPDATE user SET loggedin=0 WHERE loggedin='1' AND username='$username'";
$logout_query = mysql_query($sql_logout, $my_link);
//Logout page
session_destroy();
echo "You have been logged out.","<br>"."<a href='index.php'>Click Here To Go Back</a>";
}
else
{
echo"You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
}
}
}
?>
Upvotes: 3