log-out

niall_buckley

Hi all,

I am trying to log users out by clicking a submit.....which means that when the user hits submit on start.php that they will be automatically logged out by the time the reach finished.php...
Any ideas....

Thanks
Niall...

mtimdog

that depends on how you're logging them in.

niall_buckley

with a username and password...and carrying them in hidden fields throughout the program

groovything

easy way if you are using session variables:

pop up a window that:
1. destroys sessions
2. refreshes parent window
3. closes itself

or if you dont want to use pop ups, just do it inline and have a "return to previous" page link

<? 
session_start();
session_unset();
session_destroy();
?>


<html>

<head>

<META HTTP-EQUIV="Pragma" CONTENT="no-cache">

<script language=javascript>
self.blur()
opener.focus()
opener.location.reload();self.close(); 
</script>
</head>

<body>

</body>

</html>

groovything

Originally posted by niall_buckley
with a username and password...and carrying them in hidden fields throughout the program

You really should not use hidden fields since the user can just view source to see the information (they can disable javascript if you are using it to block right clicks)

session variable are really useful and pretty easy to use

niall_buckley

the passwords are encrypted...how easy is it to use session variables

mtimdog

session_start() at the top of your pages.

$_SESSION['logged_in'] = true;

test for logged_in.

if (isset($SESSION['logged_in']) && $SESSION['logged_in'] == true){
//you're logged in, else you're not.

groovything

Originally posted by niall_buckley
the passwords are encrypted...how easy is it to use session variables

I guess youre okay with the encrypted elements. the only advantage that session variables might give you is the ability to go anywhere in your site without having to pass the hidden form element on every page.

<? if ($sessUsername != "") { ?>
  <a href="default.php?logoutSubmit=y"> 
      <img src="img/logout.gif" border="0"></a>
<? }else{ ?>
<form name="login" action="default.php?loginSubmit=y&page=<? echo $page ?>&menu=<? echo $menu ?>&QpartyID=<? echo $QpartyID ?>&QregistryID=<? echo $QregistryID ?>&Qaction=<? echo $Qaction ?>&Qall=<? echo $Qall ?>" method="post">
		<? if ($loginSubmit == "y") { ?>
        <table align="center" border="0" cellpadding="1" cellspacing="0"><tr><td bgcolor="ff0000">
		<table border="0" cellpadding="5" cellspacing="0"><tr><td bgcolor="ffffff">
		<font color="ff0000">Login failed. <br>
		Please try again.</font>
		</td></tr></table>
		</td></tr></table>
        <? }?>
		<table border="0" cellpadding="0" cellspacing="0" align="center">
		<tr><td>Username:</td></tr>
		<tr><td><input name="STRusername" type="text" value="" <? if (eregi("MSIE",$HTTP_USER_AGENT) || eregi("Netscape6",$HTTP_USER_AGENT)){ ?>class="contactInput" size="15"<? ;}else {?> size="8" <? ;} ?>></td></tr>
		<tr><td>Password:</td></tr>
		<tr><td><input name="STRpassword" type="password" id="STRpassword" value="" <? if (eregi("MSIE",$HTTP_USER_AGENT) || eregi("Netscape6",$HTTP_USER_AGENT)){ ?>class="contactInput" size="15"<? ;}else {?> size="8" <? ;} ?>></td></tr>
		<tr><td><input type="submit" name="Submit" value="log in"><br>
		  <input name="rememberMe" type="checkbox" id="rememberMe" value="y">
		  Remember Me</td>
		</tr>
		</table></form>

<?
session_start();
if ($logoutSubmit == "y") {
session_unset();
session_destroy();
    setcookie ("usernameCookie", "",time()- 3600); 
	setcookie ("passwordCookie", "",time()- 3600); 
}
if(isset($_COOKIE['usernameCookie']) && isset($_COOKIE['passwordCookie']) && $loginSubmit != "y")  

{
$Qusername = $_COOKIE["usernameCookie"];
$Qpassword = $_COOKIE["passwordCookie"];
}else{
$Qusername = $STRusername;
$Qpassword = $STRpassword;
}
if ((($Qusername != "")and($Qpassword != ""))and($sessUserID =="")and($logoutSubmit != "y"))
 {
        $connection = mysql_connect("localhost","username","$password")  

        or die ("Couldn't connect to server."); 


//select db 

    $db = mysql_select_db("database", $connection) or die("Couldn't select database."); 


//create sql statement 
    $sql = "SELECT * from users where username = '$Qusername' and password = '$Qpassword'";
//execute sql query and get results     
    $sql_result = mysql_query($sql) or die("The username/password combination you entered is incorrect."); 


  //format results by row 
        while ($row = mysql_fetch_array($sql_result)) { 
          $userID = $row["userID"];
		  $username = $row["username"];         

          $password = $row["password"];         

          $userEmail = $row["email"];         

          $userLastName = $row["lastName"];         

          $userFirstName = $row["firstName"];         

          $usertype = $row["usertype"];
		  $STRtoday = date("l, F jS, Y");
		  $lastVisit = $row["thisVisit"];
		  $logins1 = $row["logins"];
		  $logins2 = $logins1 + 1;
		  $IMGpath = $row["IMGpath"];
		  $WAVpath = $row["WAVpath"];

	    }       
$result = mysql_query ("Update users SET logins = '$logins2', thisVisit = '$STRtoday', lastVisit = '$lastVisit' where userID = '$userID'");

if ($username != "") {
					session_register("sessUsername");
					session_register("sessPassword");
					session_register("sessUserRealName");
					session_register("sessUserID");
					session_register("sessUserEmail");
					session_register("sessUserType");
					session_register("sessIMGpath");
					session_register("sessWAVpath");
					$sessUserRealName = $userFirstName." ".$userLastName;
					$sessUsername = $username;
					$sessPassword = $password;
					$sessUserID = $userID;
					$sessUserType = $usertype;
					$sessUserEmail = $userEmail;
if ($rememberMe == "y")
	{
	setcookie("usernameCookie", $sessUsername, time()+60*60*24*100, "/");
	setcookie("passwordCookie", $sessPassword, time()+60*60*24*100, "/");
	}
					if ($WAVpath != "")
						{
						$sessWAVpath = $WAVpath;
						}
					if ($IMGpath != "")
						{
						$sessIMGpath = $IMGpath;
						}
					 }

}?>

hope this helps.