Hi I am developing a website using codeigniter,php that requires secure login, The problem arises when I logout, & firstly I destroy the session but trouble is, when I click back on the browser it is displaying the Login page again.. Thanks for answers in advance
Following is my index function &
website is my controller .
public function index()
{
if(logged_in() )
{
redirect('/website/dashboard');
}
else
{
redirect('/website/login');
}
}
code works for me.. But when i logout from site & press back button i am seeing my dashboard again...
my log out function :
public function logout($redirect = false)
{
$this->CI->session->sess_destroy();
if($redirect)
{
$this->CI->load->helper('url');
redirect($redirect, 'refresh');
}
}
I suggest you to add something like following code to each of your VIEW page
<?php
if($this->session->userdata('session_set')!='true' )
{
redirect('/website/login');
}?>
Related
created a simple page of session, Even after logout from the page i'm still able to access the login page.
I have also destroyed all the session but still can't find any solution.
view - flashdata_home.php
<form action='add' method='post'>
<input type ='text' name='value'/>
<input type='submit' value='Enter ' />
</form>
Controller - FlashData_Controller.php
<?php
class FlashData_Controller Extends CI_Controller {
function __construct() {
parent::__construct();
$this->load->library('session');
$this->load->helper('url');
}
public function index(){
$this->load->view('flashdata_home');
}
public function add(){
// adding flash data
//$this->session->set_flashdata('item','This is me');
$this->session->set_userdata('Name',$this->input->post('value'));
//redirect to home page
// redirect('flashdata');
if($this->session->has_userdata('Name')){
$data = array('value' => $this->session->Name);
$this->load->view('adminflashdata_home',$data);
}
else
{
$this->load->view('flashdata_home');
}
}
public function logout(){
$this->session->unset_userdata('Name');
$this->session->sess_destroy('Name');
$this->load->view('flashdata_home');
}
}
view - adminflashdata_home.php
<?php
echo $value;
<li>Logout</li>
?>
Unsettling the session in CI is very simple and it looks like this.
In your Code you have unset the data but you have to unset the variable as i did.
For Single Data:
$this->session->unset_userdata('some_name');
For Array of Datas:
$array_items = array('username' => '', 'email' => '');
$this->session->unset_userdata($array_items);
For destroy the session:
$this->session->sess_destroy();
I think your problem is, though we destroy session we can still access the page that should be loaded only if the user in logged in.
For example, when user log in with correct credentials the url should look like this: localhost/app/controller/function (just for instance). And later when the user log out you will redirect back to login page. But if we type localhost/app/controller/function in url or if we click back button in browser, the browser will load the page !!! I consider your stated problem is same like this.
For this problem I always use a solution in every function of controller. Like;
class MainController extends CI_Controller {
function test {
$user_name = $this->session->userdata('user_name');
if(isset($user_name)) {
//the actual function code goes here
}
else {
//redirect to the login function
}
}
}
I hope this helped some one.. cheers..
I have below to handle logout and display information in the header to show after logout. But sometimes, it doesn't work. I suspect whether it is good to write this code to handle. Do you have any ideas? Please help
public function logout(){
$this->nativesession->delete('user');
redirect(base_url()); }
In header section of the php page:
<?php $usr = $this->nativesession->get('user');
if(!isset($usr) || empty($usr) || $usr["username"]==null) {
// show login button
}
Logout Function:
public function logout()
{
// Removing session data
$this->session->sess_destroy();
redirect('users/home');
}
Add In Header befor html tag:
<?php
if ($this->session->userdata['admin']!='admin' ) {
redirect('login');
}
?>
After spending so many days, am trying to get some help from experts.
I am stuck with login redirection in my yii2 application only in chrome browser,
This is my controller class,
class InvitationsController extends Controller
{
public function beforeAction($action)
{ $array=array('index','imageupload','template','category','subcategory','slug','chooseanotherdesign');
if(!in_array($action->id, $array))
{
if (\Yii::$app->getUser()->isGuest &&
\Yii::$app->getRequest()->url !== Url::to(\Yii::$app->getUser()->loginUrl)
) {
\Yii::$app->getResponse()->redirect(\Yii::$app->getUser()->loginUrl,FALSE);
}
}
return parent::beforeAction($action);
}
public function actionGenerateevent(){
$redirectUrl="";
if(Yii::$app->request->post()){
unset(Yii::$app->session['copyinvitation']);
unset(Yii::$app->session['eventform']);
Yii::$app->session['eventform']=Yii::$app->request->post();
}
if (!Yii::$app->user->isGuest)
{
$eventid=$this->invitation->savecontinue(Yii::$app->session['eventform']);
$eventdata=$this->invitation->getEventById($eventid);
$refurl=Yii::$app->session['eventform']['refererurl'];
$aa['Events']=$eventdata;
$aa['refererurl']=$refurl;
Yii::$app->session['eventform']=$aa;
$redirectUrl = Yii::$app->urlManager->createAbsoluteUrl(['invitations/event/'.$eventdata['event_token']]);
return $this->redirect($redirectUrl);
}
}
}
My workflow
step1: submitting formdata to controller xx-action
step2: If user login it will proceed further action
Else
am trying to store the values in session then redirecting the page to login
step 3: after successful login am return back to same xx-action
This workflow is working fine in firefox but chrome it's making infinitive loop its not going through the login page.
Please refer am attached the screenshot
Please help me to solve this issue.
I can't infere how are you calling your actionGenerateevent() but you seems to have an error there:
$redirectUrl=""; //empty
...
return $this->redirect($redirectUrl); //still empty
Since you are not setting your $redirectUrl, your redirect is redirecting you to the current (same) url again and again, causing the loop.
This is the function used by redirectUrl() method: Url::to(). Its docs says:
an empty string: the currently requested URL will be returned;
Got this question here (sorry for being stupid), Just started with Codeigniter recently.
I have a login-system working fine. I tried to go to homepage while logged in with code on index-header.php:
<?php
if( !isset($_SESSION) ){
echo 'Login';
} else {
echo 'Log Out';
}
?>
And on main_view.php (homepage controller)
public function __construct() {
parent::__construct();
$this->load->library('session');
}
public function index() {
if($this->session->userdata('is_logged_in')){
$data['title'] = "Home";
$this->load->view('headfoot/header-main',$data);
$this->load->view('main_view');
$this->load->view('headfoot/footer-main');
} else {
$data['title'] = "Home";
$this->load->view('headfoot/header-main',$data);
$this->load->view('main_view');
$this->load->view('headfoot/footer-main');
}
}
}
Now, if I click logout from homepage while still logged in, it disconnects the session fine but doesn't change text back to "Login" in homepage after refresh.
In other words, it always shows text as "Logout" whether or not user is logged in.
dashboard.php (controller)
public function logout() {
$this->session->sess_destroy();
$data['title'] = "Logged out";
$data['logout_msg'] = "You have successfully logged out.";
$this->load->view('headfoot/header-login',$data);
$this->load->view('admin/login', $data);
$this->load->view('headfoot/footer-login');
}
Is it a good practice to create is_logged_in.php a separate file? If yes then how to link sessions to it?
change this:
<?php
if( !isset($_SESSION) ){
to:
<?php if($this->session->userdata('username') == null ){
i'm using 'username' here by assuming you have set username as session data when you allow user to log in.
Use $this->session->sess_destroy(); to kill session. Check this URL. Kill session by controller then use redirect.
By the way, create a file under application/core folder called MY_Controller.php and make your session things on it. If you want to learn more just google it.
Im Workin on a Webapplication in PHP with CodeIgniter, and im stuck :P
Its very difficult to explain, so i show it with an example.
I have normal CodeIgniter Controller. In this Controller i have a function like this:
<?php
public function groups($subdomain ='') {
$this->load->library('MyLogin');
$user_id = $this->mylogin->logged_in();
if ($subdomain == '') {
.....
} elseif ($subdomain == 'create') {
.....
} elseif ($subdomain == 'join') {
.....
} elseif ($subdomain == 'leave') {
.....
} elseif ($subdomain == 'assign') {
.....
} else {
.....
}
}
The logged_in Function checks if the user who's loading this page (sub pages) is logged in. If not he gets automatically redirected in the logged_in function like this:
echo header("Location: /user/login");
5 Minutes ago this worked well. Now i created a new subdomain 'assign'.
Now if im not logged in and try to Connect to one of the following URLS i always get redirected
localhost/user/groups
localhost/user/groups/2
localhost/user/groups/create
localhost/user/groups/join
localhost/user/groups/leave
But if im connecting to
localhost/user/groups/assign
he tries to load this page (what does not work because the $user_id is empty).
Why the ... does this happen?
Regards Teifun2
I recommend you modify the logged_in() function from this:
echo header("Location: /user/login");
To this:
header("Location: /user/login");
exit;
I think that will solve the problem. The echo has nothing to do with it, it's just superfluous.
use $_session while logging user in...! so he will reamain logged in even after refresh and page change..! And empty values wont pass.