Web Analytics Made Easy -
StatCounter Questions about Log-Out feature - CodingForum


No announcement yet.

Questions about Log-Out feature

  • Filter
  • Time
  • Show
Clear All
new posts

  • Questions about Log-Out feature

    I know these may sound like silly questions, but...

    1.) What should a "Log-Out" feature do?

    2.) How do you properly "Log-Out" a user?

    Here is my best stab at things...
    PHP Code:
    // Initialize a session.

    //<!-- Include Constants -->

    // Log Out User.
    $_SESSION['loggedIn'] = FALSE;

    // Redirect User.
    if (isset($_SESSION['returnToPage'])){
    header("Location: " WEB_ROOT $_SESSION['returnToPage']);
    // Take user to Home Page.
    header("Location: " WEB_ROOT "index.php");

    // End script.


  • #2
    Looks good (consider using unset() instead of setting to false maybe?), but a proper logout depends on what you actually set on 'log in'. For example, if there's a remember me cookie - you'll need to delete that too. If there's any cookie associated with the login, you'll have to delete that as well. Also, if there's more than one session variable, you should unset that as well. AND it also depends on whether your session stores it's id using a cookie (this is default). As a failsafe method, you should follow the method on the session_destroy() manual - http://php.net/manual/en/function.session-destroy.php . This not only resets all session variables, but it deletes any cookies associated with the session itself and then destroys the session. Following that method, you should also delete any cookies you set yourself.

    As a note, this will remove any variables in the $_SESSION array, meaning you might want to check if they exist before comparing indexes with values.

    PPS - I was quite tired when writing this, but I think I was coheirent haha, let me know if you want anything cleared up.
    Useful function to retrieve difference in times
    The best PHP resource
    A good PHP FAQ
    PLEASE remember to wrap your code in [PHP] tags.
    PHP Code:
    // Replace this
    // With this
    // Then check for values/forms. Some IE versions don't send the submit button 
    Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.