Member Avatar for chaitu11

Problem:On click logout it again shows the html page content which i dont want to show

<?php
    session_start();

    if(isset($_GET['action']) == 'logout'){

        session_destroy();

        unset($_SESSION['user']);
        unset($_SESSION['pass']);
        echo '<pre>';
        print_r($_SESSION);

        //header('location:index.php/');
        exit();
    }

    if(isset($_SESSION['user'])== ' '){
        header('location:index.php');
        exit();
    }


    if( !( isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'] == "a" && $_SERVER['PHP_AUTH_PW'] == "a" ) ){
        header('WWW-Authenticate: Basic realm="My Realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'You are not authenticated';
        exit;
    }else{
        $_SESSION['user'] = $_SERVER['PHP_AUTH_USER'];
        $_SESSION['pass'] = $_SERVER['PHP_AUTH_PW'];




?>

html code
Edited by pritaeas because: Moved to PHP. Try to post in the right forum.
  • 2 Contributors
  • 1 Reply
  • 117 Views
  • 3 Hours Discussion Span
  • Latest Post Latest Post by minitauros
Member Avatar for minitauros

First thing I see is that your code is a bit.. unexpected:

Your code:

if(isset($_SESSION['user'])== ' '){
    header('location:index.php');
    exit();
}

Should be:

if(!empty($_SESSION['user'])){
    header('location:index.php');
    exit();
}

as isset() returns a true/false value, and not a string like " " (to which you are comparing it now). I suspect that you are checking for the presence of a value in $_SESSION['user'] here, which is why it should be !empty() instead of isset() (isset() is ok, too, but I think you will want to use empty() here. Check the PHP manual for the differences or ask ^^).

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.