By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,692 Members | 1,693 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,692 IT Pros & Developers. It's quick & easy.

problem in logout session

vivekgs2007
P: 60
Hi Sir,
I used the user login page..it works properly, but problem is when a user clicks on logout it will come to index page, but when CLICK back BUTTON, the session is still not destroyed...
here is the code
Expand|Select|Wrap|Line Numbers
  1. session_start();
  2. session_destroy();
  3. header("Location:index.php");
  4.  
Mar 29 '10 #1

✓ answered by chathura86

Expand|Select|Wrap|Line Numbers
  1. session_start();
  2.  
  3. if(!isset($_SESSION['username']))
  4. {
  5.        header("Location: login.php");
  6.        die();
  7. }
  8.  
add this code code to top of your secure page(s).

here if the $_SESSION['username'] is not set
client will be redirected to the login page (login.php for an example)
die(); will ensure that the script will terminate if the header failed to
execute (to ensure the privacy of data)

Regards

Share this Question
Share on Google+
16 Replies


chathura86
100+
P: 227
are you sure that the session is not destroyed?

refresh and make sure that it is destroyed, because you may be getting
the page from the browser cache

Regards
Mar 29 '10 #2

vivekgs2007
P: 60
HI sir,
I refresh it, but no changes,Please tell me how to destroy the cache from the browser.
Mar 30 '10 #3

chathura86
100+
P: 227
remove the header("Location:index.php");
and see if you are getting any errors when you get to that page

Regards
Mar 30 '10 #4

vivekgs2007
P: 60
ok i will try and get back to u.
Mar 30 '10 #5

vivekgs2007
P: 60
Sir still the same problem...i opened in the new browser opera..where their is no cache or cookie..when i press a logout menu, It will move to the blank page, but when i press back button in browser, it will easily comes to the previous page...
Expand|Select|Wrap|Line Numbers
  1. session_start();
  2. session_destroy();
  3. //header("Location:admin.php");
  4. //include("Localconnection.php");
  5.  
Sir i started the session in all pages in the first line only..and after "Title" tag i written the code of checking session condition, is that correct
Mar 30 '10 #6

chathura86
100+
P: 227
yes you can check the session condition after the title

could you pleas show me the code you are using to check the
session.

and does it only work if you press the back button, what if you type
a url of a secure page and try to access it.


Regards
Chathura Bamunusinghe
Mar 30 '10 #7

vivekgs2007
P: 60
hello sir,
i written the code is..
Expand|Select|Wrap|Line Numbers
  1.  include("Localconnection.php");
  2. if(isset($_SESSION['username']))
  3. {
  4. $username = $_SESSION['username'];
  5.  
  6. }
  7. else
  8.  
  9. $username = null;
  10.  
Mar 30 '10 #8

chathura86
100+
P: 227
code seems to be ok, so if the session is destroyed $username should be null
but you can still see the $username right?

and does it only work if you press the back button, what if you type
a url of a secure page and try to access it.


Regards
Chathura Bamunusinghe
Mar 30 '10 #9

vivekgs2007
P: 60
when a user enters to the page by entering username and password..then the username is displaying along with welcome..here is the code
Expand|Select|Wrap|Line Numbers
  1.         <h1>Welcome <?php
  2.  
  3.         $username = $_SESSION['username'];
  4.           echo $username;
  5.         ?> !!
  6.         </h1>
  7.  
when i press logout..and comes press the back button..the above code will display only "Welcome" not the name of user.
Mar 30 '10 #10

chathura86
100+
P: 227
so that means the session is destroyed and the $_SESSION['username'] is null
thats why you are not getting the username,

Regards
Mar 30 '10 #11

vivekgs2007
P: 60
ya..but y it is going back to previous page....
Mar 30 '10 #12

chathura86
100+
P: 227
although you destroyed the session, it doesn't mean that user cannot go back,
user can always use the back button or type the url to get the page

what you can do is if the session is not exists or invalid redirect the user to another page (maybe login page), that's how you can prevent an unauthorized user from viewing the content

Regards
Mar 30 '10 #13

vivekgs2007
P: 60
ok...can u send me the code how to do this...
Mar 30 '10 #14

chathura86
100+
P: 227
Expand|Select|Wrap|Line Numbers
  1. session_start();
  2.  
  3. if(!isset($_SESSION['username']))
  4. {
  5.        header("Location: login.php");
  6.        die();
  7. }
  8.  
add this code code to top of your secure page(s).

here if the $_SESSION['username'] is not set
client will be redirected to the login page (login.php for an example)
die(); will ensure that the script will terminate if the header failed to
execute (to ensure the privacy of data)

Regards
Mar 30 '10 #15

vivekgs2007
P: 60
Thank you very much..its working perfectly...
Mar 31 '10 #16

vivekgs2007
P: 60
i am very great full to this site..thank chathrua...

http://www.eitech.in/
Mar 31 '10 #17

Post your reply

Sign in to post your reply or Sign up for a free account.