0

hi,
here i mention my code its a code to login and logout code when i click on logout than its return on userlogin page but when i press back button of browser its return to previous page.
code here

RM.php

<form action="login.php" method="post">
        <table width="300" align="center" border="1">
            <tr>
                <td colspan="3" align="center"><h2>Login</h2></td>
            </tr>
             <?php
             $msg=$_GET['msg'];
             if(isset($msg))
             {
                    //echo "hello";
                    echo "<tr><td colspan='3'><font color='#FF0000'>" .$msg. "</font></td></tr>";
             }
            ?>
            <tr>
                <td width="80" align="right">Userid</td>
                <td width="10">:</td>
                <td><input type="text" id="txt_userid" name="txt_userid" /></td>
            </tr>
            <tr>
                <td width="80" align="right">Password</td>
                <td width="10">:</td>
                <td><input type="text" id="txt_pass" name="txt_pass" /></td>
            </tr>
            <tr>
                <td width="80"></td>
                <td width="10"></td>
                <td><input type="submit" id="txt_sub" name="txt_sub" value="Login" /></td>
            </tr>

        </table>
    </form>

login.php

<?php 
    session_start();
    if($_POST['txt_userid']=="rm" && $_POST['txt_pass']=="123")
    {
        $_SESSION['username']="rm";
        $_SESSION['pass']="123";
        header("location:welcome.php");
    }
    else
    {
        /*?>
        <script language="javascript">
            alert("Check user name and password");
        </script>
        <?php*/
        header("location:rm.php?msg=Check user name and password");
    }
?>

welcome.php

<?php
    session_start();
    echo $_SESSION['username'];
?> 
<a href="logout.php">Logout</a>

Logout.php

<?php
    session_start();
    session_unset(void);
    header("location:login.php");
?>

anybody suggest me where is the mistake

i want a proper login and logout page.
thanks

Edited by Nick Evan: Fixed formatting

5
Contributors
4
Replies
5
Views
6 Years
Discussion Span
Last Post by sainigks
1

I'm guessing you mean you can still hit back on the browser and see welcome.php even though you've logged out? This is a simple matter of checking if session variables have been set at the top of each page that you don't want somebody who isn't logged in to see. You can put something like this at the top of each page:

//Start session
session_start();

//Check whether the session variable has been set 
// and if it is not blank
if(!isset($_SESSION['username']) || (trim($_SESSION['username'])=='')) 
{
        //if session variable username isn't set or it is blank
        //redirect to login page.
	header("location: RM.php");
	exit();
}

Now if you hit back in the browser when you've already logged out, this should redirect you to the RM.php page. And shouldn't your logout.php redirect to RM.php so the user can enter in their login info before it's checked by the login.php script?

Edited by ctaylo21: n/a

0

Logout.php :

<?php
session_start();
unset($_SESSION['username']);
unset($_SESSION['pass']);
session_destroy();

header("Location: login.php");
exit;
?>
0

before using session variables you must assign them null value. after that assign them value :-

$_SESSION="rm";
$_SESSION="123";

And on logout page after destroying session again make their value null.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.