Logout code not executing at all. php

Question

Here is the code

I dont know whats wrong with it.

<?php
       //Logout code
       //Starting Session
       session_start();
       //Include
       include ("includes/mass.php");
       //Check if the user is logged in
       $username = $_SESSION['username'];
       $logged_in_query = "SELECT * FROM    user WHERE loggedin='1' AND    username='$username'";
       $check_if_logged_in =    mysql_query($logged_in_query);
       if (isset($username))

    {       while ($row =    mysql_fetch_array($check_if_logged_in))

            {
                $logged_in = $row['loggedin'];

                if ($logged_in == 1)

                    {
                    //User becomes logged out on database records

                    $sql_logout = "UPDATE user SET loggedin='0' WHERE loggedin='1' AND    username='$username'";

                    $logout_query = mysql_query($logout_query);

                    //Logout page

                    session_destroy();

                    echo "You have been logged out.","<br>"."<a    href='index.php'>Click Here To Go    Back</a>";
                    }
                            }
                }                else

    {
                                echo"You are not logged in"."<br><a href='register.php'>Click    To Sign Up</a>";
                            }           
         ?>

Answer 1

Do you have a mysql link object (from mysql_connect() / mysql_select_db() ?) From your comments below, it doesn't sound that way.

This SQL is wrong:

$sql_logout = "UPDATE user WHERE loggedin='1' AND username='$username'";

Should be:

$sql_logout = "UPDATE user SET loggedin=0 WHERE loggedin='1' AND username='$username'";

?

You probably also mean to be using mysql_fetch_assoc() instead of mysql_fetch_array().

This line:

$logout_query = mysql_query($logout_query);

Should be

$logout_query = mysql_query($sql_logout);

Put in your correct mysql connection and db information and try to run this. Please post the output.

<?php
//Logout code
//Starting Session
session_start();

echo "hello<br />";

//Include
include ("includes/mass.php");

echo "no problem in mass.php!<br />";

// FILL ME IN
$my_link = mysql_connect($server, $username, $password, TRUE);
mysql_select_db('your_db', $link);

//Check if the user is logged in
$username = $_SESSION['username'];
$logged_in_query = "SELECT loggedin FROM user WHERE loggedin='1' AND username='$username'";
echo $logged_in_query . "<br />";

$check_if_logged_in = mysql_query($logged_in_query, $my_link);
var_dump(mysql_num_rows($check_if_logged_in));

if (isset($username))
{
    while ($row = mysql_fetch_assoc($check_if_logged_in))
    {
        var_dump($row);

        $logged_in = $row['loggedin'];

        if ($logged_in == 1)
        {
            //User become logged out on database records
            $sql_logout = "UPDATE user SET loggedin=0 WHERE loggedin='1' AND username='$username'";
            $logout_query = mysql_query($sql_logout, $my_link);

            //Logout page
            session_destroy();
            echo "You have been logged out.","<br>"."<a href='index.php'>Click Here To Go Back</a>";
        }
        else
        {
            echo"You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
        }
    }
}
?>

Answer 2

what you have written is very bad code. i would suggest you do like this 1. create a session in the login page once their username and password matches with the entry in the db 2. destroy that session when they say log out.

your implementation of checking the user using db is not scalable. everytime it gets executed and its not the right idea of doing it.

Answer 3

I would use something like this:

    <?php
    //Logout code
    //Starting Session
    session_start();
    //Include
    include ("includes/mass.php");
    //Check if the user is logged in
    $username = $_SESSION['username'];

    if (isset($username))
    {
     $logged_in_query = "SELECT * FROM user WHERE loggedin='1' AND username='".$username."' LIMIT 1";
     $check_if_logged_in = mysql_query($logged_in_query);
     $logged_in = mysql_fetch_field($check_if_logged_in);

      if ($logged_in == 1)
      {
       //User becomes logged out on database records

       $sql_logout = "UPDATE user SET loggedin='0' WHERE loggedin='1' AND username='".$username."' LIMIT 1";

       $logout_query = mysql_query($logout_query);
       if ($logout_query)
       {
        //Logout page

        session_destroy();
        echo "You have been logged out.","<br>"."<a href='index.php'>Click Here To Go Back</a>";
       }
       else
       {
        //Couldn't update the user table to set your login status.
        echo "MYSQL Error, please contact admin LO-2";
        exit();
       }
      }
      else
      {
       echo "You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
      }
     }
     else
     {
      echo "You are not logged in"."<br><a href='register.php'>Click To Sign Up</a>";
     }
?>

Not tested

Max