How to log out a specific user session (php and mysql)

Question

Here's my problem.

I'm working on a food management system.

Now I have it currently that when someone logs in, it puts their info into a loggedin table.

Then, using that info, when the user logs out, it takes them out of the table.

I'm running into trouble though when multiple people log in.

Check this scenario.

Someone logs in. They are taken to their dashboard, and are able to see their food in a list according to the food table, that has rows of food, with an email column that specifies who owns that particular item.

Now if they log out, it takes them out of the loggedin table.

But if that first user is still logged in, and a second user then logs in. That's when problems begin to occur.

IF the second user logs out first before the first user, his data will be removed. But if the first user logs out before the second user, the second users data will still be removed from the table. And if then the second user were to refresh, he would be shown the first users information.

It has to do with the sessions I think, when a user logs in, it goes to a the dashboard and starts a session. The way I have it set up though, is that when the session starts it pulls from the loggedin table the most recent users email. So thats the problem. When 2 ppl log in, the user email variable now references the most recent user, so when the first user logs out, the most recent user will instead be logged out.

Is there a way to create unique sessions, or to store user email/username when someone logs in, so I can refer to that specific users email when they log out.

Here's the code for starting the session and finding the most recent user.

<?php require_once('Connections/localhost.php');

$index = 0;
?>

<?php
//initialize the session
if (!isset($_SESSION)) {

    mysql_select_db($database_localhost, $localhost);
    $log = mysql_query("SELECT email FROM loggedin") or die(mysql_error());
     while($cols = mysql_fetch_array($log)){
      $value = $cols['email'];
      $email[$index] = $value;
      $index++;
     } 

session_start();

I then reference that $value variable in my queries.

So everytime someone logs in this code is run, and then $value is set to the most recent email, or rather, the email at the end of the query's array of emails. So when user 1 logs out it then uses $value in a query, but $value is now set to the next users email. I need it so that it stays as the users email that logged in.

Answer 1

Normally you would use a session variable to remember the id of the currently logged in user id. EG

$_SESSION['userId']=$validatedUserId;

$validatedUserId has the id if and only if it passes password checks, otherwise it should be null;

then returning posts can reference the boolean

(null!=$_SESSION['userId'])

you can branch the code on this, if not null the user is logged in. When the user logs out, issue:

$_SESSION['userId']=null; session_destroy(); 

after that the user will need to login again before the $_SESSION['userId'] can be used.