[eluser]gtipete[/eluser]
Hi, all... im trying to make a login form for a photo gallery website. but im having problems with the logout function, as the session doesnt seem to be getting destroyed when i tell it to.
Here is the code in my user controller...
Code:
class User extends Controller {
function User()
{
parent::Controller();
$this->load->helper(array('form', 'url'));
$this->load->library('validation');
$this->load->database();
}
function index()
{
}
function login()
{
//set up the validation rules for the login form submission
$rules['username'] = "required|xss_clean";
$rules['password'] = "required|md5";
$this->validation->set_rules($rules);
//Set fields so that they will be available once prepped
$fields['username'] = 'Username';
$fields['password'] = 'Password';
$this->validation->set_fields($fields);
if ($this->validation->run() == FALSE)
{
//redirect back to the login form and display any errors
$this->load->view('login');
}
else
{
//set a variable so that we can test to see if we need to set our own error
//and re-direct back to the login view
$valid = TRUE;
$this->load->model('User_model');
$result = $this->User_model->get_single_user($this->validation->username);
if ($result->num_rows() == 1)
{
//there is a user in the database with that username
$row = $result->row();
//now check to see if the passwords match
if ($this->validation->password == $row->password)
{
//destroy the default session
$this->session->sess_destroy();
//create a new session
$this->session->sess_create();
//add custom data to the new session
$customdata = array('user_name' => $row->user_name,
'user_type' => $row->user_type,
'logged_in' => TRUE);
$this->session->set_userdata($customdata);
}
else
{
//the password doesnt match up with the username
$valid = FAlSE;
}
}
else
{
//the supplied username doesnt exist in the database
$valid = FALSE;
}
if (!$valid)
{
//set an error message and return the user to the login form.
$this->validation->set_message('login_problem','Username and password are incorrect');
$this->load->view('login');
}
else
{
redirect('/gallery/', 'refresh');
}
}
}
function logout()
{
//Unset the custom data items
$removedata = array('user_name' => '',
'user_type' => '',
'logged_in' => '');
$this->session->unset_userdata($removedata);
if($this->session->userdata('logged_in') == TRUE)
{
echo 'still logged in for some reason';
}
else
{
echo 'logged out';
}
}
}
when the logout function is run, it tells me that i have been logged out. however, when i visit another page that checks if the user is logged in, it tells me that i am still logged in, and i can access the custom data in the session object.
i have also tried
Code:
$this->session->sess_destroy();
with the same results.
i dont know if it makes any difference but my sessions are also stored in the database.