I am new to PHP. I have created a simple employee register and login form.

This is my code:

index.php:

<?php
session_start();

if(isset($_SESSION['username'])){
    echo 'Welcome!', '<a href="logout.php">Logout</a>';
} else {
    echo '<a href="login.php">Login</a><br />
    <a href="register.php">Register</a>';
}
?>

register.php:

<?php
// Handle the POST before any HTML is sent, so that session_start()
// and header() can still send HTTP headers.
session_start();

    if(isset($_POST['username'], $_POST['password'])){
        require 'db.php';

        $query = dbConnect()->prepare("INSERT INTO emptable (username, password) VALUES (:username, :password)");
        $query->bindParam(':username', $_POST['username']);
        $query->bindParam(':password', $_POST['password']);

        if($query->execute()){
            header("Location: index.php");
            exit; // stop here so the form is not rendered after the redirect
        } else{
            echo 'ERROR';
        }
    }
?>

<h1>Register</h1>
<form method="POST">
    <input type="text" name="username"><br />
    <input type="password" name="password"><br />
    <input type="submit">
</form>

db.php:

<?php
    function dbConnect(){
        try{
            $username = 'root';
            $password = '';
            $conn = new PDO("mysql:host=localhost;dbname=empreg;", $username, $password);
            $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            return $conn;

        }   catch(PDOException $e){
            echo 'ERROR', $e->getMessage();
        }
    }
?>

login.php:

<?php
// Handle the POST before any HTML is sent, so that session_start()
// and header() can still send HTTP headers.
session_start();
    if(isset($_POST['username'], $_POST['password'])){
        require 'db.php';

        $query = dbConnect()->prepare("SELECT username, password FROM emptable WHERE username=:username AND password=:password");
        $query->bindParam(':username', $_POST['username']);
        $query->bindParam(':password', $_POST['password']);
        $query->execute();

        if($row = $query->fetch()){
            $_SESSION['username'] = $row['username'];
            header("Location: index.php");
            exit; // stop here so the form is not rendered after the redirect
        }
    }
?>

<h1>Login</h1>
<form method="POST">
    <input type="text" name="username"><br />
    <input type="password" name="password"><br />
    <input type="submit">
</form>

Based on my code above, how can I create logout.php? I am blank.

Can anyone help me?

For secure processing, I chose this source code from online.

Any help would be highly appreciated.

Thanks in advance.

joe
  • Right click on your folder -> new file -> logout.php and you have created the file?! – Rizier123 Jan 08 '15 at 16:49
  • You just need to look at how to destroy the session, and possibly place a confirmation link, or dialog into the page to confirm. – Lee Jan 08 '15 at 16:50
  • First `unset()` your `sessions vars`, then make `$_SESSION[]` an empty array. Then I would do `session_destroy();` – JiFus Jan 08 '15 at 16:50
  • Doesn't look very secure to me. You should salt and hash your passwords: http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords – jeroen Jan 08 '15 at 16:50

1 Answer

You can use the two following functions to clear session details:

<?php
    // remove all session variables
    session_unset(); 

    // destroy the session 
    session_destroy(); 
?>

Another way of doing it is just using

// make sure you don't do unset($_SESSION);
unset($_SESSION['username']); 

session_destroy();
Crembo
  • *cough* [Manual page](http://php.net/manual/en/function.session-destroy.php) *cough* – PeeHaa Jan 08 '15 at 16:54
  • from your code, it shows something like this: "Warning: session_destroy(): Trying to destroy uninitialized session in C:\xampp\htdocs\selva\php\register\logout.php on line 6" – joe Jan 08 '15 at 16:55
  • Can you edit your answer to show what you have written so far for logout.php? – Crembo Jan 08 '15 at 16:58
  • Then I use `session_start(); $_SESSION = array(); if(isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); redirect_to("login.php?logout=1");`. It shows fatal error: undefined function redirect_to – joe Jan 08 '15 at 17:04
  • Maybe because you don't have it declared anywhere? Is that the whole logout.php file? I.e. no included no anything? – Crembo Jan 08 '15 at 17:05
  • Can you please edit your answer (the original one) to include the whole logout.php file you currently have? That would make it much easier – Crembo Jan 08 '15 at 17:12
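
A complete logout.php that covers both errors reported in the comments above, as an added example that is not part of the original posts. It assumes the session layout from the question's login.php (`$_SESSION['username']` marks a logged-in user) and that login.php is the page to return to.

```php
<?php
// logout.php - added example, not code from the original post.
// Assumes the session layout used by login.php in the question, where
// $_SESSION['username'] marks a logged-in user.

// The session must be resumed first: calling session_destroy() without
// session_start() triggers "Trying to destroy uninitialized session".
session_start();

// Clear the session data held by the running script.
$_SESSION = [];

// Expire the session cookie in the browser. The cookie parameters must
// match the ones it was set with, or the browser keeps the old cookie.
if (ini_get('session.use_cookies')) {
    $p = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $p['path'],
        $p['domain'],
        $p['secure'],
        $p['httponly']
    );
}

// Delete the session data stored on the server.
session_destroy();

// redirect_to() is not a PHP built-in; header() performs the redirect.
// Nothing may be output before this call, and exit stops the script
// so no further code runs for the logged-out user.
header('Location: login.php');
exit;
```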