问题描述:

I have started a session on config page, then $_SESSION['logged_out'] = 1; and on index page that:

if(isset($_SESSION['logged_out']))

{

echo "You have been logged out !";

unset($_SESSION['logged_out']);

}

But the echo not workig, like unset is before him. And i don`t understand why, please help me.

EDITED:

Config page:

<?php

ini_set('display_errors',1);

error_reporting(E_ALL);

ob_start();

session_start();

include 'connection.php';

include 'functions.php';

$logged_in = 0;

if(isset($_SESSION['username']) && isset($_SESSION['password']))

{

$username = sec($link, $_SESSION['username']);

$password = sec($link, $_SESSION['password']);

$udata = get_row($link, "SELECT * FROM accounts WHERE Username= '$username' && Password= MD5('$password')");

if(isset($udata['ID']))

{

$logged_in = 1;

if(isset($_GET['logout']))

{

unset($_SESSION['username']);

unset($_SESSION['password']);

$_SESSION['logged_out'] = "1";

mysqli_query($link, "UPDATE accounts SET rpgon = '0' WHERE Username = '$username'");

header('location: index.php');

}

}

} ?>

Index page:

if(isset($_SESSION['logged_out']))

{

echo "You have been logged out !";

unset($_SESSION['logged_out']);

}?>

This is it ...

网友答案:

If echo doesn't show anything is because the if condition is evaluated to false. This mean that $_SESSION['logged_out'] isn't set.

网友答案:

You have to start_session() on every page that uses the $_SESSION. In fact if you are using $_SESSION anywhere in your site, its best to start it on all your pages.

So add start_session() just after the first <?php to ensure it is always started for all pages

<php
start_session();

 . . .

if(isset($_SESSION['logged_out']))
{
     echo "You have been logged out !";
     unset($_SESSION['logged_out']);
}

Added after additional info given

I think this may be one of your problems

$udata = get_row($link, 
                 "SELECT * FROM accounts 
                  WHERE Username= '$username' 
                     && Password= MD5('$password')"
                 );

The && should be AND, then this query should return a result. You should really be checking the result status from all query command like so:

<?php
ini_set('display_errors',1); 
error_reporting(E_ALL);
session_start();

ob_start();

include 'connection.php';
include 'functions.php';

$logged_in = 0;
if(isset($_SESSION['username']) && isset($_SESSION['password']))
{
    $username = sec($link, $_SESSION['username']);
    $password = sec($link, $_SESSION['password']);
    $udata = get_row($link, "SELECT * FROM accounts 
                             WHERE Username= '$username'
                               AND Password= MD5('$password')"
                     );

    // this would have shown the error in the sql query
    // if it had been here before
    if ( ! $udate ) {
        echo mysqli_error($link);
        exit;
    }


    // now this if will be executed
    // although this if is probably no longer required
    if(isset($udata['ID']))
    {
        $logged_in = 1;
        if(isset($_GET['logout']))
        {
            unset($_SESSION['username']);
            unset($_SESSION['password']);
            $_SESSION['logged_out'] = "1";
            mysqli_query($link, "UPDATE accounts SET rpgon = '0' WHERE Username = '$username'");
            header('location: index.php');

            // you should also follow a header() call with an exit;
            exit;
        }
    }
} 
?>
相关阅读:
Top