From 7b26ba67e77d9a0394c66e2dcfc85f07a39493f8 Mon Sep 17 00:00:00 2001 From: MartyniP Date: Fri, 21 Sep 2012 22:30:17 +0100 Subject: [PATCH] Working logout script --- admin/logout.php | 17 +++++------------ admin/session.php | 11 ----------- includes/functions.php | 13 ++++++++++++- 3 files changed, 17 insertions(+), 24 deletions(-) delete mode 100644 admin/session.php diff --git a/admin/logout.php b/admin/logout.php index c6e3223..0729307 100644 --- a/admin/logout.php +++ b/admin/logout.php @@ -1,13 +1,6 @@ diff --git a/admin/session.php b/admin/session.php deleted file mode 100644 index 8d8eb0e..0000000 --- a/admin/session.php +++ /dev/null @@ -1,11 +0,0 @@ - diff --git a/includes/functions.php b/includes/functions.php index 3962d16..4ec15d8 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -181,6 +181,7 @@ function is_login() { if (mysql_num_rows($db_result) != 1) { // User's session has expired. return false; + session_destroy(); } else { $db_row = mysql_fetch_assoc($db_result); $db_result = mysql_query("SELECT * FROM ".DB_PREFIX."users WHERE id='".$db_row['uId']."'"); @@ -208,5 +209,15 @@ function require_login() { } } function clean_old_sessions() { - $db_results = mysql_query("DELETE FROM ".DB_PREFIX."session WHERE time<='".strtotime("-2 weeks")."'"); + mysql_query("DELETE FROM ".DB_PREFIX."session WHERE time<='".strtotime("-2 weeks")."'"); +} +function logout() { + if (isset($_SESSION[base64_encode('user')])) { + $session = $_SESSION[base64_encode('user')]; + $session = mysql_real_escape_string(trim($session)); + mysql_query("DELETE FROM ".DB_PREFIX."session WHERE session='".$session."'"); + clean_old_sessions(); + session_destroy(); + header("Location: ".get_phurl_option('site_url')); + } }