how to completely end sessions..

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • bulp
    New Member
    • Oct 2010
    • 3
    #1

    how to completely end sessions..

    i do having this problems.. once log out the data from database still come out but the table structure already invisible..

    how to completely disconnect from database when session end..

    Code:
    <?php

define('INCLUDE_CHECK',true);

require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined

// select record from mysql 
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);

session_name('Login');
session_set_cookie_params(2*7*24*60*60);
session_start();

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Administrator Control Panel only!</title>
    
    <link rel="stylesheet" type="text/css" href="demo.css" media="screen" />
    
</head>

<body>

<div id="main">
  <div class="container">
    <h1>Registered Administrator Only!</h1>
    <h2>Login to view this resource!</h2>
    </div>
    
    <div class="container">
<?php
	if($_SESSION['id'])
	echo '

<table width="100%" border="0" cellspacing="1" cellpadding="0">
<tr>
<td><table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>

<td colspan="8" bgcolor="#FFC600"><strong><center>Delete Temporary User & Password Here!</center></strong> </td>
</tr>
<tr>
<td align="center" bgcolor="#FFFFFF"><strong>Id</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Name</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Pass</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Email</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>IP Address</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Date</strong></td>
<td align="center" bgcolor="#FFFFFF">&nbsp;</td>
<td align="center" bgcolor="#FFFFFF">&nbsp;</td>
</tr>';
	else echo '<h1>Unauthorize Area</h1>';
    ?>

<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['usr']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['pass']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['email']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['regIP']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['dt']; ?></td>
<td bgcolor="#FFFFFF"><a href="update.php?id=<? echo $rows['id']; ?>">update</a></td>
<td bgcolor="#FFFFFF"><a href="delete_ac.php?id=<? echo $rows['id']; ?>"><font color="#FF0000">delete</font></a></td>
</tr>


<?

// close while loop 
}

// close connection; 
mysql_close();

?> 
</table></td>
</tr>
</table>

</div>


</body>
</html>

    thank you...
    Tags: None
    • dlite922
      Recognized Expert Top Contributor
      • Dec 2007
      • 1586
      #2
      Where do you log out? Where's the code that destroys the session?

      I don't understand what session has to do with the database.

      You can destroy a variable using unset() if you like.

      mysql_close() will close the connection, It won't get rid of the data you have already put in to a variable, like $result.


      Dan

        Comment

        • bulp
          New Member
          • Oct 2010
          • 3
          #3
          Thank You Dan for the response.. :)

          my bad.. sorry this is the login and log out code..

          Code:
          <?php

define('INCLUDE_CHECK',true);

require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined


session_name('Login');
// Starting the session

session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks

session_start();

if($_SESSION['id'] && !isset($_COOKIE['Remember']) && !$_SESSION['rememberMe'])
{
	// If you are logged in, but you don't have the Remember cookie (browser restart)
	// and you have not checked the rememberMe checkbox:

	$_SESSION = array();
	session_destroy();
	
	// Destroy the session
}


if(isset($_GET['logoff']))
{
	$_SESSION = array();
	session_destroy();
	
	header("Location: index.php");
	exit;
}
          should i create the logout button into the data page that i paste earlier ?

            Comment

            • rythmic
              New Member
              • Feb 2010
              • 29
              #4
              Hi!

              Here is the problem. You check whether a user is logged in or not, but no matter the response you still echo the table data.

              Echoing the table data should also be constrained by the if($_SESSION['id']) statement

              Your code should look like this:

              Code:
              
 <?php
     
    define('INCLUDE_CHECK',true);
  
    require 'connect.php';
    require 'functions.php';
    // Those two files can be included only if INCLUDE_CHECK is defined
    
    // select record from mysql 
   $sql="SELECT * FROM $tbl_name";
   $result=mysql_query($sql);
  
   session_name('Login');
   session_set_cookie_params(2*7*24*60*60);
   session_start();
  
   ?>
  
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
    
   <head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <title>Administrator Control Panel only!</title>
    
       <link rel="stylesheet" type="text/css" href="demo.css" media="screen" />
    
   </head>
    
   <body>
    
   <div id="main">
     <div class="container">
       <h1>Registered Administrator Only!</h1>
       <h2>Login to view this resource!</h2>
       </div>
    
       <div class="container">
   <?php
       if($_SESSION['id'])
       echo '
  
   <table width="100%" border="0" cellspacing="1" cellpadding="0">
   <tr>
   <td><table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
   <tr>
    
   <td colspan="8" bgcolor="#FFC600"><strong><center>Delete Temporary User & Password Here!</center></strong> </td>
   </tr>
   <tr>
   <td align="center" bgcolor="#FFFFFF"><strong>Id</strong></td>
   <td align="center" bgcolor="#FFFFFF"><strong>Name</strong></td>
   <td align="center" bgcolor="#FFFFFF"><strong>Pass</strong></td>
   <td align="center" bgcolor="#FFFFFF"><strong>Email</strong></td>
   <td align="center" bgcolor="#FFFFFF"><strong>IP Address</strong></td>
   <td align="center" bgcolor="#FFFFFF"><strong>Date</strong></td>
   <td align="center" bgcolor="#FFFFFF">&nbsp;</td>
   <td align="center" bgcolor="#FFFFFF">&nbsp;</td>
   </tr>';
       else echo '<h1>Unauthorize Area</h1>';
       ?>
    
   <?php
   if($_SESSION['id']){ // you can put it here to not execute the while loop at all for non-logged in users
   while($rows=mysql_fetch_array($result)){
   ?>
   <tr>
   <td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td>
   <td bgcolor="#FFFFFF"><? echo $rows['usr']; ?></td>
   <td bgcolor="#FFFFFF"><? echo $rows['pass']; ?></td>
   <td bgcolor="#FFFFFF"><? echo $rows['email']; ?></td>
   <td bgcolor="#FFFFFF"><? echo $rows['regIP']; ?></td>
   <td bgcolor="#FFFFFF"><? echo $rows['dt']; ?></td>
   <td bgcolor="#FFFFFF"><a href="update.php?id=<? echo $rows['id']; ?>">update</a></td>
   <td bgcolor="#FFFFFF"><a href="delete_ac.php?id=<? echo $rows['id']; ?>"><font color="#FF0000">delete</font></a></td>
   </tr>
  
  
   <?
  
   // close while loop 
   }
   // Rythmic input!!!: end if-statement
   } // here you could include an else statment if you want something displayed to non-logged in users
  
   // close connection; 
   mysql_close();
  
   ?> 
  </table></td>
  </tr>
  </table>
  
   </div>
  
    
   </body>
 </html>
              as a side note maybe you should also consider a stronger check than just checking that an id exists to determine whether a user may view your resource or not.

                Comment

                • bulp
                  New Member
                  • Oct 2010
                  • 3
                  #5
                  rythmic...

                  thanks for the response but ur code seems totally block the access to data.. i mean even when im log in.. the data didnt show at all..

                    Comment

                    Previous template Next
                    Working...