Logout of a session

jacquesy

Hello all!

I am trying to build a logout link on my session page. It does actually work but the problem is you have to click it twice forit to work?? The first time it is clicked it simply refreshes the page.

Here is the code:

session_start();

if(!isset($uid)) {
?>
<form method="get" action="index.php">
User ID:
<input type="text" name="uid">

Password:
<input type="password" name="pwd">

<input type="submit" value="Login">
</form>
<?php
exit;
}

session_register("uid");
session_register("pwd");

dbConnect("dbname");
$sql = "SELECT * FROM user WHERE
userid = '$uid' AND password = PASSWORD('$pwd')";
$result = mysql_query($sql);
if (!$result) {
error("A database error occurred");
}

if (mysql_num_rows($result) == 0) {
session_unregister("uid");
session_unregister("pwd");
?>
Your User ID or Password is incorrect.
</body>
</html>
<?php
exit;
}

$username = mysql_result($result,0,"fullname");
?>

<a href='index.php?logoff=true'>Logout</a>

<?php
if ($logoff=="true") {
session_unregister("uid");
session_unregister("pwd");
session_destroy();
}
?>

Its the link called logout that is the problem!
Is there anything I need to add to session_unregister("uid");, session_unregister("pwd"); or session_destroy(); to make it logout first time?

Thanks!

Kudose

I would have a link:


<a href="logout.php">LOGOUT</a>

which send them here:


session_unregister("uid"); 
session_unregister("pwd"); 
session_destroy(); 

echo "You are now logged out!";

press711

PHP does have some troubles handling session, especially in a windows enviorment.

When you are checking for login also check wether the uid is not guest. And on logout simply set uid as guest and then unregister the session variables.

So even of unregister dosent work your uid will be set to guest.

PS: You do not need to store the password in the sessions.

jacquesy

of course!!

Thaks for this!