PHP Session Destroy on Log Out Button

Question

I m currently working on a site that has a log-in  username and password  - The password protection is done by the operating system within the web server at folder level called a Realm within the OS  For now this will have to do  until we figure out a proper PHP log in system    The code below  is based on a previous question on the stack overflow   I m using 3 files  See code snippets at the bottom    The process is   - Click Log In button on index php - Enter username and password to access authenticate index file  - Click log out button  which references the logout php file - it SHOULD clear the cache and return the user to the top level index   It doesn t  destroy the session  in the sense that you re not asked to re-enter the password when prompted to  which is essentially what I want to happen   My minimal knowledge of php leaves me a little bit stumped here    index php  top level file with log in button    lt  php session start      gt   lt  DOCTYPE html PUBLIC  -  W3C  DTD XHTML 1 0 Transitional  EN   http   www w3 org TR xhtml1 DTD xhtml1-transitional dtd  gt   lt html xmlns  http   www w3 org 1999 xhtml  gt   lt head gt   lt meta http-equiv  Content-Type  content  text html  charset UTF-8    gt   lt title gt Test lt  title gt   lt  head gt   lt body gt   lt a href  authenticate index php  gt Log In Btn lt  a gt   lt  body gt   lt  html gt    authenticate index php  This folder is password protected - contains the index file with the log out button which links to the logout php file     lt  php session start      gt   lt  DOCTYPE html PUBLIC  -  W3C  DTD XHTML 1 0 Transitional  EN   http   www w3 org TR xhtml1 DTD xhtml1-transitional dtd  gt   lt html xmlns  http   www w3 org 1999 xhtml  gt   lt head gt   lt meta http-equiv  Content-Type  content  text html  charset UTF-8    gt   lt title gt Log out lt  title gt   lt  head gt   lt body gt   lt a href  logout php  gt Log Out Btn lt  a gt   lt  body gt   lt  html gt    authenticate logout php   lt  php    session start      to ensure you are using same session session destroy      destroy the session header  location  index php      to redirect back to  index php  after logging out exit      gt

User · Answer

The folder being password protected has nothing to do with PHP!

The method being used is called "Basic Authentication". There are no cross-browser ways to "logout" from it, except to ask the user to close and then open their browser...

Here's how you you could do it in PHP instead (fully remove your Apache basic auth in .htaccess or wherever it is first):

login.php:

<?php
session_start();
//change 'valid_username' and 'valid_password' to your desired "correct" username and password
if (! empty($_POST) && $_POST['user'] === 'valid_username' && $_POST['pass'] === 'valid_password')
{
    $_SESSION['logged_in'] = true;
    header('Location: /index.php');
}
else
{
    ?>

    <form method="POST">
    Username: <input name="user" type="text"><br>
    Password: <input name="pass" type="text"><br><br>
    <input type="submit" value="submit">
    </form>

    <?php
}

index.php

<?php
session_start();
if (! empty($_SESSION['logged_in']))
{
    ?>

    <p>here is my super-secret content</p>
    <a href='logout.php'>Click here to log out</a>

    <?php
}
else
{
    echo 'You are not logged in. <a href="login.php">Click here</a> to log in.';
}

logout.php:

<?php
session_start();
session_destroy();
echo 'You have been logged out. <a href="/">Go back</a>';

Obviously this is a very basic implementation. You'd expect the usernames and passwords to be in a database, not as a hardcoded comparison. I'm just trying to give you an idea of how to do the session thing.

Hope this helps you understand what's going on.

User · Answer

logout  if isset   GET  logout           session destroy        unset   SESSION  username         header  location login php

User · Answer

First give the link of logout php page in that logout button In that page make the code which is given below   Here is the code    lt  php  session start     session destroy      gt    When the session has started  the session for the last current user has been started  so don t need to declare the username  It will be deleted automatically by the session destroy method

[php] PHP Session Destroy on Log Out Button

Examples related to php

Examples related to logout

[php] PHP Session Destroy on Log Out Button

Examples related to php

Examples related to login

Examples related to logout