hi there,
having issues with previously working logout script which removed session
and logged out successfully...
now for some reason not working...
code is below, wondered if anyone had experienced issues with unsetting
sessions before and had some checks i could do to see why not working...the
login script that is included on each page is as follows below:
and to logout, its a REQUEST variable (logout) which is set to 1 (as you can
see in script below)
<?php
//LOGIN FUNCTIONS
if ($_POST['switchuser']) {
$_SESSION['stuserhash'] = $_POST['switchuser'];
$_SESSION['specialswitch']=1;
setcookie("stuserhash", NULL, time()-60*60*24*100, "/");
unset($_SESSION['specialswitch2']);
}
if ($_POST['switchuser2']) {
$_SESSION['stuserhash'] = $_POST['switchuser2'];
$_SESSION['specialswitch2']=1;
setcookie("stuserhash", NULL, time()-60*60*24*100, "/");
//unset($_SESSION['specialswitch']);
}
if (($_POST['stusername'])!='') {
//debug ("attempting to log in...");
loginProcess($_POST['stusername'],$_POST['stpassword']);
}
function loginProcess($username,$password) {
//$password = md5($password);
/* Checks that username is in database and password is correct */
$result = loginConfirmUser($username,$password);
/* Check error codes */
if($result == 1){
$_SESSION['loginerror'] = 'badusername';
}
if($result == 2){
$_SESSION['loginerror'] = 'badpassword';
}
}
//this function checks the username and password in database
function loginConfirmUser($username, $password){
$table = 'warehouse_spoc_user';
if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
}
$q = "select * from $table where username = '$username'"; //echo $q;
$result = q($q);
if(!$result || (mysql_num_rows($result) < 1)){
//echo $q; exit();
return 1; //Indicates username failure
}
//set the session variables
$userrow = getRow("warehouse_spoc_user",$dbarray['id']);
$_SESSION['stuserhash'] = $userrow['hash'];
$_SESSION['loginerror'] = '';
if(isset($_POST['remember'])){
// echo "c";
setcookie("stuserhash", $userrow['hash'], time()+60*60*24*100, "/");
}
return 0; //Success! Username and password confirmed
}
else{
//echo $password; echo $dbarray['password'];
// echo $q; echo "submittedpassword: ".$password; echo "database
password: ".$dbarray['password']; exit();
return 2; //Indicates password failure
}
}
//this function is called on every page that requires login to make sure
that they are logged in
function loginCheck(){
/* Check if user has been remembered */
if(($_COOKIE['stuserhash'])){
//echo 'c2s'; echo $_COOKIE['stuserhash']; echo 'sess'; echo
$_SESSION['stuserhash'];
if ((!isset($_POST['switchuser']))&&(!isset($_POST['switchuser2'])))
{
//echo "CHANGING SESSION TO COOKIE";
$_SESSION['stuserhash'] = $_COOKIE['stuserhash'];
}
}
/* Username and password have been set */
if(isset($_SESSION['stuserhash'])){
//check that the userhash is valid
/* Confirm that username and password are valid */
if (!isRow('warehouse_spoc_user','hash',$_SESSION['stuserhash']) ) {
/* Variables are incorrect, user not logged in */
unset($_SESSION['stuserhash']);
return false;
}
return true;
}
/* User not logged in */
else{
//echo "no session".$_SESSION['tlusername']."
".$_SESSION['tlpassword'];
//exit();
return false;
}
}
$logged_in = loginCheck();
//this function logs the person out
if (($_REQUEST['logout'])) {
//logout the user
echo "LOGGING OUT USER";
debug ("logging out the user...");
logout();
}
function logout() {
setcookie("stuserhash", NULL, time()-60*60*24*100, "/");
$_SESSION['stuserhash'] = NULL;
unset($_SESSION['stuserhash']);
unset($_SESSION['display_email']);
unset($_SESSION['display_page']);
unset($_SESSION['specialswitch']);
unset($_SESSION['specialswitch2']);
echo "LOGGING OUT COOKIE: ".$_COOKIE['stuserhash']." LOGGING OUT
SESSION: ".$_SESSION['stuserhash'];
$logged_in = loginCheck();
if ($logged_in) {
echo "STILL LOGGED IN";
}
if ($_REQUEST['s']==1) {
header ("location: spoc_formlogin.php");
} else {
header ("location: spochome.php");
} exit();
}
//echo $logged_in;
$logged_in = loginCheck();
if ($logged_in) {
$u = getRowField("warehouse_spoc_user","hash",$_SESSION['stuserhash']);
}
if ((!$logged_in)&&(!$public)) {
//echo "LOGGEDIN".$logged_in;
//echo "PUBLIC".$public;
//exit();
if ($_REQUEST['s']==1) {
header ("location: spoc_formlogin.php");
} else {
header ("location: spochome.php");
}
}
echo "COOKIE: ".$_COOKIE['stuserhash']." SESSION: ".$_SESSION['stuserhash'];
?>
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
