13 Replies - 701 Views - Last Post: 17 July 2009 - 02:10 PM Rate Topic: -----

#1 Beefo  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 10
  • Joined: 16-July 09

Question Regarding sessions

Posted 16 July 2009 - 12:14 PM

Hey guys, I know this question has probably been asked 100 times before, but

I have read in a number of tutorials that every page which requires the user to be logged in should start with

 <?php
  session_start();
  session_destroy();
?>


I'm sorry, but on no level does this make sense to me. If someone could perhaps explain what I am missing in my understanding?

Is This A Good Question/Topic? 0
  • +

Replies To: Question Regarding sessions

#2 RPGonzo  Icon User is offline

  • // Note to self: hmphh .... I forgot
  • member icon

Reputation: 151
  • View blog
  • Posts: 954
  • Joined: 16-March 09

Re: Question Regarding sessions

Posted 16 July 2009 - 12:22 PM

You dont want the session_destroy() unless your logging the user out ...

The session_start() is required so that the server can keep up with the user ... one method of insuring the user is "logged in" is to set a variable on login and just check it on every page they should be logged in on ...

session_start();
if (!$isLoggedIn) { session_destroy(); header("Location: /index.php"); }



something like that ... where $isLoggedIn carries a boolean value from the login script
Was This Post Helpful? 0
  • +
  • -

#3 Beefo  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 10
  • Joined: 16-July 09

Re: Question Regarding sessions

Posted 16 July 2009 - 12:54 PM

Thanks, I understand.

But now, I'm using the login system described here and I can't work out how to make a log out system from it.

I made a link to this script on the log in success page

<?php
	session_start();
	session_destroy();
	header("location:index.php"); // index.php being the login form
?>



but I know it doesn't work because if I navigate to login_success.php then it says log in successful even after clicking the link.
Was This Post Helpful? 0
  • +
  • -

#4 Wimpy  Icon User is offline

  • R.I.P. ( Really Intelligent Person, right? )
  • member icon

Reputation: 159
  • View blog
  • Posts: 1,038
  • Joined: 02-May 09

Re: Question Regarding sessions

Posted 16 July 2009 - 01:13 PM

Your browser might be caching the page, but I think you also should put a "session_unset()" in there:
<?php
	session_start();
	session_unset();
	session_destroy();
	//...
?>


View PostBeefo, on 16 Jul, 2009 - 09:54 PM, said:

Thanks, I understand.

But now, I'm using the login system described here and I can't work out how to make a log out system from it.

I made a link to this script on the log in success page

<?php
	session_start();
	session_destroy();
	header("location:index.php"); // index.php being the login form
?>



but I know it doesn't work because if I navigate to login_success.php then it says log in successful even after clicking the link.

Was This Post Helpful? 0
  • +
  • -

#5 Beefo  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 10
  • Joined: 16-July 09

Re: Question Regarding sessions

Posted 16 July 2009 - 01:28 PM

I did do that but it didn't solve the problem.

I navigated to the login_success.php page in IE (haven't used it once) and it still gave me the login successful message.

//login_success.php source
<?
session_start();
if(!session_is_registered(myusername)){

header("location:main_login.php");
}
?>

<html>
<body>
Login Successful
<a href="/index.php">Log Out</a> 
</body>
</html>



This post has been edited by Beefo: 16 July 2009 - 01:30 PM

Was This Post Helpful? 0
  • +
  • -

#6 Wimpy  Icon User is offline

  • R.I.P. ( Really Intelligent Person, right? )
  • member icon

Reputation: 159
  • View blog
  • Posts: 1,038
  • Joined: 02-May 09

Re: Question Regarding sessions

Posted 16 July 2009 - 01:42 PM

You shouldn't even use "session_is_registered()" since it is a deprecated function and will be removed as of version 6 of PHP. When logging in a user you should instead of using "session_register()" which is also deprecated, do something like this:
<?php
//...
$_SESSION['is_logged_in'] = true;
header("location:login_success.php");
?>

When checking if a user is logged in you do something like this:
<?php
session_start();
if(isset($_SESSION['is_logged_in']) && $_SESSION['is_logged_in'] == true)
{
	// User is logged in
}
else
{
	// User is not logged in
}
?>


:)
Was This Post Helpful? 0
  • +
  • -

#7 RPGonzo  Icon User is offline

  • // Note to self: hmphh .... I forgot
  • member icon

Reputation: 151
  • View blog
  • Posts: 954
  • Joined: 16-March 09

Re: Question Regarding sessions

Posted 16 July 2009 - 01:46 PM

if(!isset($_SESSION['is_logged_in']) || $_SESSION['is_logged_in'] != true) {
  // logout or redirect user
}



same thing as wimpy posted just modified so you don't have to many wandering } so have to close the conditional statements...
Was This Post Helpful? 0
  • +
  • -

#8 Wimpy  Icon User is offline

  • R.I.P. ( Really Intelligent Person, right? )
  • member icon

Reputation: 159
  • View blog
  • Posts: 1,038
  • Joined: 02-May 09

Re: Question Regarding sessions

Posted 16 July 2009 - 01:50 PM

Yeah, I thought of that, but I was too lazy to alter my already written example! ^^

View PostRPGonzo, on 16 Jul, 2009 - 10:46 PM, said:

if(!isset($_SESSION['is_logged_in']) || $_SESSION['is_logged_in'] != true) {
  // logout or redirect user
}



same thing as wimpy posted just modified so you don't have to many wandering } so have to close the conditional statements...

Was This Post Helpful? 0
  • +
  • -

#9 Beefo  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 10
  • Joined: 16-July 09

Re: Question Regarding sessions

Posted 16 July 2009 - 01:56 PM

Still not working. I can still view the login_success.php page.
Was This Post Helpful? 0
  • +
  • -

#10 RPGonzo  Icon User is offline

  • // Note to self: hmphh .... I forgot
  • member icon

Reputation: 151
  • View blog
  • Posts: 954
  • Joined: 16-March 09

Re: Question Regarding sessions

Posted 16 July 2009 - 07:30 PM

Help us with the current written code you have so we can have a peek at what is NOT working :D
Was This Post Helpful? 0
  • +
  • -

#11 Beefo  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 10
  • Joined: 16-July 09

Re: Question Regarding sessions

Posted 17 July 2009 - 08:23 AM

Ok, I've attached my current files.

This system still doesn't work.

As far as I know, I shouldn't be able to visit profile.php because it requires a registered session, but you could open it up directly from the folder and it will display. It should redirect if you're not logged in.

 <?phpsession_start();
if(!isset($_SESSION['is_logged_in']) || $_SESSION['is_logged_in'] != true) {
		session_unset();
	session_destroy();
	header("location:/index.php");
}

echo 'You are logged in';

?>

<html>

<a href="logout.php">Log Out</a>

</html>


Attached File(s)


Was This Post Helpful? 0
  • +
  • -

#12 RPGonzo  Icon User is offline

  • // Note to self: hmphh .... I forgot
  • member icon

Reputation: 151
  • View blog
  • Posts: 954
  • Joined: 16-March 09

Re: Question Regarding sessions

Posted 17 July 2009 - 09:15 AM

Without looking at your file this needs to be corrected ...

 <?phpsession_start();



change to

 <?php
session_start();



Its just running together


EDIT after looking at your files ...

To use or set anything to do with sessions you MUST have session_start() at the top of the PHP ... in your check login you set the variables but you don't start the session ... so they only last as long as the page ... when you redirect you loose them ...

This post has been edited by RPGonzo: 17 July 2009 - 09:26 AM

Was This Post Helpful? 0
  • +
  • -

#13 Beefo  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 10
  • Joined: 16-July 09

Re: Question Regarding sessions

Posted 17 July 2009 - 02:09 PM

Ok, that did it. Thank you very much!
Was This Post Helpful? 0
  • +
  • -

#14 RPGonzo  Icon User is offline

  • // Note to self: hmphh .... I forgot
  • member icon

Reputation: 151
  • View blog
  • Posts: 954
  • Joined: 16-March 09

Re: Question Regarding sessions

Posted 17 July 2009 - 02:10 PM

Np glad you got it working -_-
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1