I have a code a to do log out
The Problem is i can't header to index page after session_unset and session_destroy it stay in the page logout.php
i use ob_start();
and exit(); after the header
i also tried to use
header("Location:index.php");
also i tried to use
header("Location: https://sitename.com/index.php");
also i tried to use
$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
header('Location: ' . $home_url);
also i tried to use
echo "<script type='text/javascript'> window.location='index.php'; </script>";
and i tried to echo the session after session_unset and session destroy nothing appear if i print the session before that i have the value of the session
if i click back on the browser button i return back without any problem
This my logout code
<?php
ob_start();
session_start();
include("includes/connect.php");
include("includes/functions.php");
$userid=$_SESSION["userid"];
$date=date('Y-m-d H:i:s');
$query=mysqli_query($conn,"update tbl_user set db_isonline='0' where db_uid='$userid'")or die(mysqli_query($conn));
$sql=mysqli_query($conn,"select db_userid,db_loginid from tbl_login where db_userid='$userid' order by db_datetime desc limit 1")or die(mysqli_error($conn));
$row=mysqli_fetch_array($sql);
$id=$row['db_loginid'];
$update_query=mysqli_query($conn,"update tbl_login set db_datetimeout='$date' where db_loginid='$id'")or die(mysqli_error($conn));
$tables = array();
$showTable = "SHOW TABLES from $DbName";
$getData = mysqli_query($conn, $showTable);
while ($row = mysqli_fetch_row($getData)) {
$tables[] = $row;
}
Export_Database($mysqlHostName,$mysqlUserName,$mysqlPassword,$DbName, $tables=false, $backup_name=false );
session_unset($_SESSION["userid"]);
session_destroy();
header("Location:index.php");
exit();
ob_end_flush();
?>
Can some help to fixed this problem ??!!
Used This :
header('Refresh: 1; URL=index.php');
Related
i have used this code for years and never experienced this, using a new hosting service prior to the ones i have always used and am getting this issue.
session_start();
$rec_page = $_SERVER['REQUEST_URI'];
$cPage = $_SERVER['PHP_SELF'];
if(!isset($_SESSION['isadmin'])){
header('location: login.php?l=i');
}
include('includes/constants.php');
include('includes/functions.php');
$admin_login = $_SESSION['login'];
$admin_psw = GetAdminInfo($admin_login,'1');
if(isset($_REQUEST['cmd'])){
if($_REQUEST['cmd']=="logout"){
session_destroy();
header('location: login.php');
}
}
this is the section of the code with the issues, once i login i get redirected to the login.php if i delete this
`if(!isset($_SESSION['isadmin'])){
header('location: login.php?l=i');
}`
i can login successfully but if i click on another page i will have to login again, so im guessing its a Session problem.
here is the action php for the login.php
<?php
include('../includes/constants.php');
include('../includes/functions.php');
if(isset($_POST['xin'])){
$ikey = addslashes($_POST['textKey']);
$nkey = addslashes($_POST['textname']);
$mysqli = mysqli_connect($dbserver,$dbuser,$dbpass) or die('Cannot connect to db');
mysqli_select_db($mysqli, $db_db) or die('Cannot select db');
$result=mysqli_query($mysqli, "SELECT * FROM admins WHERE login = '".$ikey."' && adminname = '".$nkey."'");
$cnt = mysqli_num_rows($result);
if($cnt > 0){
while($rw=mysqli_fetch_array($result)){
session_start();
$_SESSION['isadmin']=true;
$_SESSION['login'] = $ikey;
$_SESSION['adminname'] = $nkey;
header('location: ../index.php?cm='.$_SESSION['isadmin']);
}
}else{
header('location: ../login.php?err=1'.mysqli_error($mysqli));
}
mysqli_close($mysqli);
}
?>
use javascript instead of header. No long story
echo "<script>parent.self.location='index.php';</script>";
I want to check in login page if one user already login in the system its go to index page. But the code i used had an error like this
localhost redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS
and this is my code to check the user is login or not. Thanks
<?php
session_start();
include '../pages/koneksi.php';
if(isset($_SESSION['username'])){
$username = $_SESSION['username'];
$res = mysqli_query($link, "select * from tb_user where username = '$username';");
$user = mysqli_fetch_array($res);
$_SESSION['ID']=$user['ID'];
header("location: index.php");
die();
} else {
header("location: login.php");
}
?>
And this is the index file
<?php
session_start();
include '../pages/koneksi.php';
//check session udah login apa belum
if(isset($_SESSION['username'])){
$username = $_SESSION['username'];
$res = mysqli_query($link, "select * from tb_user where username = '$username';");
$user = mysqli_fetch_array($res);
$_SESSION['ID']=$user['ID'];
} else {
header("location: login.php");
}
?>
Do this... On
index.php
<?php
session_start();
include '../pages/koneksi.php';
if(!isset($_SESSION['username'])){header("location: login.php");}
?>
And on
login.php
<?php
session_start();
include '../pages/koneksi.php';
if(isset($_SESSION['username'])){header("location: index.php");}
?>
Don't add these code on same page... both code are opposite of each other.
If you add them in same page then if or else condition runs every page load....
I have two PHP files that I have abstracted below:
FILE 1: login.php
<?
ob_start();
session_start();
$q = "SELECT user_id, user_first_name, user_priv, user_reg_date, user_pref, user_last_login FROM Users WHERE (user_email='$e' AND user_pass=SHA1('$p')) AND user_active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_num_rows($r) == 1) { // A match was made.
// Register the values & redirect:
$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC);
session_write_close();
mysqli_close($dbc);
$url = BASE_URL . '/CustomIndex.php'; // Define the URL:
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
}
?>
FILE 2: CustomIndex.php
<?
ob_start();
session_start();
if (empty($_SESSION['user_first_name'])) {
if(isset($_GET['custom2'])){
$url = BASE_URL . '/index.php'; // Define the URL.
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
}
sleep(5);
$url = BASE_URL . "/CustomIndex.php?custom2=1";
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
}
if(isset($_SESSION['user_first_name'])){
// …program code…
}
?>
When FILE 1 (login.php) is executed, then maybe 10% of the time the "if (empty($_SESSION['user_first_name']))" statement in FILE 2 (CustomIndesx.php) is true, and instead of being executed, the client is redirected to index.php, as if the $_SESSION variables had not been set.
However, after that happens, if I run FILE 2 (CustomIndesx.php) directly, it reads the $_SESSION data and executes properly.
I added all that code after "SLEEP" to simulate running CustomIndesx.php manually, but except for delaying the redirect by 5 second, nothing changed.
Can anyone suggest a reason for this random behavior, and how to eliminate it?
1) An important thing is: session_start() must be the first code line in both pages. If not, the session is closed after finished running each page script.
See what happened in
PHP _Session variable no longer persistate
PHP session for tracking unique page views
2) Then, in login.php code part:
session_write_close();
mysqli_close($dbc);
$url = BASE_URL . '/CustomIndex.php'; // Define the URL:
ob_end_clean(); // Delete the buffer.
header("Location: $url");
You are writing in session with session_write_close() and closing it. Then, in the CustomIndex.php you are trying to open it again. It seems that it's not the same session id opened. So, try to delete session_write_close(); line and test again.
Good luck!
EDIT 1:
Login.php:
<?php
session_start();
$q = "SELECT user_id, user_first_name, user_priv, user_reg_date, user_pref, user_last_login FROM Users WHERE (user_email='$e' AND user_pass=SHA1('$p')) AND user_active IS NULL";
$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (mysqli_num_rows($r) > 0) {
$_SESSION = mysqli_fetch_array($r, MYSQLI_ASSOC);
mysqli_close($dbc);
$url = BASE_URL . '/CustomIndex.php';
header("Location: $url");
exit();
}
?>
CustomIndex.php:
<?php
session_start();
if (!isset($_SESSION['user_first_name']) || empty($_SESSION['user_first_name'])) {
echo 'SESSION USER_FIRST_NAME IS NOT SET!';
} else {
echo 'SESSION USER_FIRST_NAME IS OK: ' . $_SESSION['user_first_name'];
}
?>
Session variables are not set at the first time. From action.php it goes to employee.php But in employee.php $_SESSION['EmpID'] shows nothing when I log in for the 1st time. If I log out and log in again then works fine. works fine in localhost.
action.php
<?php
session_start();
if(isset($_POST['UserID'])&&isset($_POST['Password']))
{
$id = $_POST['UserID'];
$pass = $_POST['Password'];
$result = mysqli_query($con,"select * from auth_det where UserName='$id' and Password='$pass'");
if(mysqli_num_rows($result)>0)
{
$row = mysqli_fetch_array($result);
//echo $row['UserID'];
//echo $row['Password'];
$_SESSION['UserName']=$id;
$_SESSION['EmpID'] = $row['EmpID'];
$_SESSION['is_auth'] = true;
$_SESSION['User'] = "Emp";
echo "<script type='text/javascript'>window.location.href = 'Employee/employee.php'; </script>";
exit();
}
logout.php
<?php
session_start();
session_destroy();
echo "<script type='text/javascript'> document.location = '../login.php'; </script>";
?>
employee.php
session_start();
$EmpID=$_SESSION['EmpID'];
echo "EmpID=".$EmpID;
if(!isset($_SESSION['EmpID']))
{
echo "<script type='text/javascript'> window.location.href = 'logout.php'; </script>";
}
try to move the session_start() to the action.php file.
At first connect php doesn't create a session at action.php
Then you get redirected and employee.php starts the session.
If you try this again later a session is already open so you have no problems at the action php.
Also think about switching the Javascript Redirect to an header redirect since it still works if the Client disabled Javascript
please check that you did'nt forgot to write session_start(); on the top of action.php page
I have a session set up like this:
<?php
session_start();
include 'conconfig.php';
$con = new mysqli(DB_HOST,DB_USER,DB_PASS,DB_NAME);
$email = $_POST['email'];
$pass = $_POST['pass'];
$query = "SELECT * FROM tempusers WHERE user='$email' AND pass='$pass'";
$result = mysqli_query($con,$query)or die(mysqli_error());
$num_row = mysqli_num_rows($result);
$row=mysqli_fetch_assoc($result);
if( $num_row >=1 ) {
echo 'true';
$_SESSION['uName'] = $row['uName'];
}
else{
echo 'false';
}
?>
and in my logout.php I have
<?php
session_start();
session_unset();
unset($_SESSION['uName']);
session_destroy();
header("Location:index.php");
?>
but none of the session_unset(); , unset() and session_destroy(); seems to be not working because after getting to the page I am still able to use browser Back button and back to the restricted page! besides the header() is not changing the page into index.php can you please let me know what I am doing wrong and how I can fix it?
Basically, I have a Log out Link in Restricted page which is like this
<a href="logout.php" >Logout</a>
Thanks
Update:
Here is the Session code which I have at the top of restricted page
<?php
session_start();
if(empty($_SESSION['uName'])){
header('Location: login.php');
}
?>
Try regenerating the session id and destroying all the data.
<?php
session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
session_regenerate_id(true);
header("Location:index.php");
exit();
?>