I have here the code of my login and logout can you guys check if the session I placed is correct?
Login code :
<?php
session_start();
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Content-Type: text/html');
$connection = mysql_connect("localhost", "root", "");
$db = mysql_select_db("store_data", $connection);
if(isset($_POST['login'])){
$admin=$_POST['user'];
$pass=$_POST['pass'];
$select_user = mysql_query("SELECT admin_name FROM admin");
$select_pass = mysql_query("SELECT admin_pass FROM admin");
$result_1 = mysql_fetch_assoc($select_user);
$result_2 = mysql_fetch_assoc($select_pass);
if($admin !=$result_1['admin_name'] || $pass!=$result_2['admin_pass']){
echo "<script >alert('Invalid password or username')</script>";
header("refresh:0; url=administrator.php" );
}
Logout code :
<?php
session_destroy();
header("Location: administrator.php");
?>
Before session_destroy
you need session_start
<?php
session_start();
session_destroy();
header("Location: administrator.php");
?>
Errors
session_start()
missing in logout$admin
and $pass
value in your queryIn logout
<?php
session_start(); //add this
session_destroy();
header("Location: administrator.php");
?>
In login
<?php
session_start();
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Content-Type: text/html');
$connection = mysql_connect("localhost", "root", "");
$db = mysql_select_db("store_data", $connection);
if(isset($_POST['login']))
{
$admin=$_POST['user'];
$pass=$_POST['pass'];
$query = mysql_query("SELECT * FROM admin where admin_name='$admin' AND admin_pass = '$pass' ");
$result = mysql_fetch_assoc($query);
$count = count($result);
if(!empty($count))
{
$_SESSION["admin_name"] = $admin;
header("refresh:0; url=administrator.php" );
}
else
{
echo "Invalid User";
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.