|
PHP - Logining Out - Session_destroy
I have coded an 'admin system' that uses sessions. When the user logs out, I don't want them to be able to use the browser's back button to get back into the system. I use the following code for this.
Code: [Select] <?php session_start(); $_SESSION = array(); if (ini_get("session.use_cookies")) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]); } session_destroy(); ?> This works great to make sure someone else can't just walk up to the computer, hit the back button and get into the admin system. The problem is, now no one can login legitimately through the login page either! It seems to disable either sessions or cookies or both. Any ideas???? Similar TutorialsHey phpfreaks, I have a session, to add words to an array. But my session_destroy() won't work at the end! This is my code: Code: [Select] //at the very top of my index.php <?php session_start(); header('Content-type: text/html; charset=UTF-8'); ?> //then some html and javascript code (not affecting my array) //........ //........ //then my actual form and php code, for adding a word to an array <form id="arrayForm" method="post" action="index.php"> <input type="text" name="word" maxlength="12" /> <input class="btn" type="submit" name="submit" value="submit" /> <input class="btn" type="reset" name="reset" value="clear array" /> </form> <p> <?php function sanitize($input) { if (!empty($input)) { $input = strip_tags($input); $input = htmlentities($input); return trim($input); } else { return FALSE; } } if (isset($_POST['submit'])) { $word = $_POST['word']; if (sanitize($word)) { $_SESSION['words'][] = $word; //display words in array - this works for($i=0; $i < count($_SESSION['words']); $i++){ echo $_SESSION['words'][$i] . " "; } } else { echo 'Please enter a word'; } } //the below won't work elseif (isset($_POST['reset'])) { $_SESSION['words'] = ''; unset($_SESSION['words']); session_destroy(); } ?> </p> Hi there, I was wondering if it is possible to (on the closing of a browser to a logged in user) to automatically destroy that session. Thanks in advance. HI, according to my knowledge session_destroy() function would destroy all session variables and mysql_close() would close connection with the database. i make a simply logoff.php file and close myssql connection and destroy session. but i still get values from the database and session variables. and doesnt work properly here is the code Code: [Select] <?php session_start(); /* * To change this template, choose Tools | Templates * and open the template in the editor. */ require_once '../database/db_connecting.php'; $dbname="sahansevena";//set database name $con= setConnections();//make connections use implemented methode in db_connectiong.php mysql_select_db($dbname, $con); //update the time and date of the admin table $update_time="update admin set last_logged_date =CURDATE(), last_log_time=CURTIME() where username='$uname'limit 3,4"; //my admin table contain 5 colums they are id, username,password, last_logged_date, last_log_time $link= mysql_query($update_time); // mysql_select_db($dbname, $link); //$con=mysql_connect('localhost', 'root','ijts'); $result="select * from admin where username='a'"; $result=mysql_query($result); mysql_close($con); //here i just check after closing data baseconnection whether i do get reselts but i do, why? echo "after the cnnection was closed"; echo "<html>"; echo "<table border='1' cellspacing='1' cellpadding='2' align='center'>"; echo "<thead>"; echo"<tr>"; echo "<th>"; echo ID; echo"</th>"; echo" <th>";echo Username; echo"</th>"; echo"<th>";echo Password; echo"</th>"; echo"<th>";echo Last_logged_date; echo "</th>"; echo "<th>";echo Last_logged_time; echo "</th>"; echo" </tr>"; echo" </thead>"; echo" <tbody>"; while($row= mysql_fetch_array($result,MYSQL_BOTH)){ echo "<tr>"; echo "<td>"; echo $row[0]; echo "</td>"; echo "<td>"; echo $row[1]; echo "</td>"; echo "<td>"; echo $row[2]; echo "</td>"; echo "<td>"; echo $row[3]; echo "</td>"; echo "<td>"; echo $row[4]; echo "</td>"; echo "</tr>"; } echo" </tbody>"; echo "</table>"; echo "</html>"; session_destroy(); session_commit(); echo "session and database are closed but i still get values".$_SESSION['admin']; ?> |
|||||||