Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Sessions and Authentication
Sessions and Authentication
  • El Forum
    Guest
  •  
#1
06-18-2008, 08:56 AM

[eluser]gtipete[/eluser]
Hi, all... im trying to make a login form for a photo gallery website. but im having problems with the logout function, as the session doesnt seem to be getting destroyed when i tell it to.

Here is the code in my user controller...
Code:
class User extends Controller {

    function User()
    {
        parent::Controller();
        $this->load->helper(array('form', 'url'));
        $this->load->library('validation');
        $this->load->database();
    }
    
    function index()
    {
    }
    
    function login()
    {
        //set up the validation rules for the login form submission
        $rules['username'] = "required|xss_clean";
        $rules['password'] = "required|md5";
        $this->validation->set_rules($rules);
        
        //Set fields so that they will be available once prepped
        $fields['username'] = 'Username';
        $fields['password'] = 'Password';
        $this->validation->set_fields($fields);
        
        if ($this->validation->run() == FALSE)
        {
            //redirect back to the login form and display any errors
            $this->load->view('login');
        }
        else
        {
            //set a variable so that we can test to see if we need to set our own error
            //and re-direct back to the login view
            $valid = TRUE;
            $this->load->model('User_model');
            $result = $this->User_model->get_single_user($this->validation->username);            
            if ($result->num_rows() == 1)
            {
                //there is a user in the database with that username
                $row = $result->row();
                //now check to see if the passwords match
                if ($this->validation->password == $row->password)
                {
                    //destroy the default session
                    $this->session->sess_destroy();
                    //create a new session
                    $this->session->sess_create();
                    //add custom data to the new session
                    $customdata = array('user_name' => $row->user_name,
                                        'user_type' => $row->user_type,
                                        'logged_in' => TRUE);
                    $this->session->set_userdata($customdata);
                }
                else
                {
                    //the password doesnt match up with the username
                    $valid = FAlSE;
                }
            }
            else
            {
                //the supplied username doesnt exist in the database
                $valid = FALSE;
            }
            
            if (!$valid)
            {
                //set an error message and return the user to the login form.
                $this->validation->set_message('login_problem','Username and password are incorrect');
                $this->load->view('login');
            }
            else
            {
                redirect('/gallery/', 'refresh');
            }
        }
    }
    
    function logout()
    {
        //Unset the custom data items
        $removedata = array('user_name' => '',
                            'user_type' => '',
                            'logged_in' => '');
        $this->session->unset_userdata($removedata);
        
        if($this->session->userdata('logged_in') == TRUE)
        {
            echo 'still logged in for some reason';
        }
        else
        {
            echo 'logged out';
        }
    }
}

when the logout function is run, it tells me that i have been logged out. however, when i visit another page that checks if the user is logged in, it tells me that i am still logged in, and i can access the custom data in the session object.

i have also tried
Code:
$this->session->sess_destroy();
with the same results.

i dont know if it makes any difference but my sessions are also stored in the database.
  • El Forum
    Guest
  •  
#2
07-06-2008, 10:47 AM

[eluser]Steve Grant[/eluser]
I believe you're calling the unset_userdata function incorrectly.

For each portion of data (in your example , user_name, user_type and logged_in), you need to call unset_userdata, i.e. $this->session->unset_userdata('user_name'); $this->session->unset_userdata('user_type'); $this->session->unset_userdata('logged_in');
  • El Forum
    Guest
  •  
#3
07-06-2008, 01:03 PM

[eluser]Michael Wales[/eluser]
Quote:I believe you’re calling the unset_userdata function incorrectly.

No - it can be called in that manner. What's more interesting is the fact that even sess_destroy() isn't working...
  • El Forum
    Guest
  •  
#4
07-06-2008, 04:20 PM

[eluser]gtipete[/eluser]
yep, ive read alot of forum post since then and i'm still stuck with this problem.
Most people say to do
Code:
sess_destroy();
and then
Code:
sess_create();
but this doesnt work either, which has got me thinking that it could be some sort of cacheing problem..




Theme © iAndrew 2016 - Forum software by © MyBB