Destroy session if user account is deleted from database but user is logged in
Question
I've created user system in Php. Now I want this that if I delete user account from database then session should be destroyed and user should be logged out and show him a message.
I have searched a lot and I get one from this (Stack Overflow) but that was not the answer of my question. Here is the link: destroy session after user is deleted but still logged in . I have checked these answers but these was not the answer of my question.
I know about function session_destroy() but how can I make it work as I want. How can it implement to do this work.
Here is the user login function code:
public function userLogin($data){
$phone_number = mysqli_real_escape_string($this->db->link, $data['phone_number']);
$password = mysqli_real_escape_string($this->db->link, $data['password']);
if($phone_number == "" || $password == ""){
$loginmsg = "<div class='alert alert-danger'>Phone number or Password must not be empty!<button type='button' class='close' data-dismiss='alert' aria-label='Close'><span aria-hidden='true'>×</span></button></div>";
return $loginmsg;
} else {
$this->setSessionDuringLogin($phone_number, $password);
}
}
public function setSessionDuringLogin($phone_number, $password){
$query = "SELECT * FROM users WHERE phone_number = '$phone_number' AND password = '$password'";
$result = $this->db->select($query);
if($result != false){
$value = $result->fetch_assoc();
Session::set("userlogin", true);
Session::set("user_id", $value['user_id']);
Session::set("first_name", $value['first_name']);
Session::set("last_name", $value['last_name']);
Session::set("email", $value['email']);
Session::set("password", $value['password']);
header("Location: profile.php");
} else {
$loginmsg = "<div class='alert alert-danger'>Email or Password is wrong.<button type='button' class='close' data-dismiss='alert' aria-label='Close'><span aria-hidden='true'>×</span></button></div>";
return $loginmsg;
}
}
2 answers
solution1
2 2019-08-23 11:46:42
You need:
destroy_session();
or you need delete session variables:
unset($_SESSION);
and you can redirect to index page:
header('Location: index.php);
exit();
If session works on databases destroy session object.
$pdo = new PDO('mysql:host=localhost;dbname=produkty', 'root', 'root');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $pdo->prepare('SELECT COUNT(*) as cnt FROM users WHERE user_id = :s1');
$stmt->execute( array( ':s1' => $userid ) );
$cnt = $stmt->fetchAll()[0]['cnt'];
if($cnt == 0){
session_destroy();
// destroy session here
}
solution2
0 ACCPTED 2019-08-23 11:56:30
//call this function at top of every page after login
function checkexistuser(){
$user_id = $_SESSION['user_id'];
$query = "SELECT * FROM users WHERE user_id = '".$user_id."' ";
$result = $this->db->select($query);
if($result->num_rows() == 0){
//destroy_session , redirect, show message whatever you want.
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.