Jump to content

logout function


jimfog

Recommended Posts

I am constructing a logout function...for what I have doubts though is the implementation. This function tries to address 2 different scenarios. There is a cookie in the user's PC(remember me feature) and the second scenario is that there is no remember me cookie in the client.

 

I do not know though if I am doing it the right ways...here is the code:

   function logout($connection)    {     if (isset($_COOKIE['cookiename'])||isset($_SESSION['valid_user']))       {    $username = $_SESSION['valid_user'];   setcookie('cookiename',"", time() - 3600);   unset($_SESSION['valid_user']);   session_destroy();      $result = $connection->query("DELETE FROM session WHERE username='".$username."'");    if(!$result)      {echo 'deletion failed';      return false;      }    }        }
Link to comment
Share on other sites

This function tries to address 2 different scenarios. There is a cookie in the user's PC(remember me feature) and the second scenario is that there is no remember me cookie in the client.

 

 

You need to delete both cookie or any other user related data anyway when user logout.

Link to comment
Share on other sites

 

You need to delete both cookie or any other user related data anyway when user logout.

I suppose you are referring to the "remember me"cookie.Am I correct?

Link to comment
Share on other sites

yes, remember me cookie and session cookie, both.

Link to comment
Share on other sites

yes, remember me cookie and session cookie, both.

I assume I delete the remember me cookie by setting it expire to the past and I delete the session cookie by unsetting the session.

 

Am I saying it correctly? I think my function addresses both of these issues.

Link to comment
Share on other sites

Unsetting the session wont delete the session. It will just unset the session value. Session_destroy() will delete the server side session data. But there will be still session cookie on browser. Though that cookie cant get any data as in server that session is deleted and that cookie will expire on his own after certain time (as your session cookie setting was set. But i would like to delete the cookie imidiately once the user log out. Normal cookie deletion technique applies here

Link to comment
Share on other sites

So we have 2 cookies, the "remember me" and the session related.

 

Does the line below deletes both of them:

setcookie('cookiename',"", time() - 3600);
Link to comment
Share on other sites

no, as Birbal said, to kill the session you use session_destroy(). otherwise, you are just deleting the cookie and nothing else.

 

you are using both already, I think you have everything covered.

Edited by thescientist
Link to comment
Share on other sites

I think you have everything covered.

Plus the "remember" me cookie?By setting it expiring in the past?

Link to comment
Share on other sites

I don't know what you're asking now.

 

You asked if your code does two things

1) deletes a ("remember me") cookie, in this case called "cookiename"

2) kills a session

 

So yes, presumably, to both things.

 

Now, if your remember me cookie isn't actually called "cookiename" then, you should actually use the name of the cookie you are using for remember me instead.

Edited by thescientist
Link to comment
Share on other sites

 

 

You asked if your code does two things

1) deletes a ("remember me") cookie, in this case called "cookiename"

2) kills a session

 

So yes, presumably, to both things.

 

 

I am covered now... thanks. The above is what I was expecting to hear...that I accomplish both things.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...