I have a login web page where user logs in. The page is then redirected to an interim page as loginvalidte.php. This page saves the User data in Session and forwards the request to the index.php page which some some user data and also has a logout button which is redirected to login.php
In short,
login.php - For user to enter username and password
loginvalidate.php - Session values are initialized
index.php - Dashboard page with logout button
Here are my pages:
login.php
<!DOCTYPE html>
<?php
//session_unset();
session_destroy();
$_SESSION = array();
$authError='false';
if($_GET['AuthCheck']=='failed'){
$authError='true';
}
if($_GET['Expired']=='true'){
$sessionexpire='true';
}
//print_r ($_SESSION);
foreach($_SESSION as $key => $val)
{
unset($_SESSION[$key]);
}
//unset($_SESSION["InfraUser"]);
//unset($_SESSION["InfraPassword"]);
$_SESSION["InfraUser"]='';
$_SESSION["InfraPassword"]='';
$_SESSION = NULL;
print_r($_SESSION);
?>
<html >
<head>
<meta charset="UTF-8">
<title>One click Infra</title>
<link rel="stylesheet" href="loginstyle/css/style.css">
</head>
<body>
<html>
<html>
<head>
<meta charset="UTF-8">
<title>Login Form</title>
<script src="loginstyle/js/prefixfree.min.js"></script>
</head>
<body>
<div id="logo">
<h1><i> One Click Infra</i></h1>
</div>
<section class="stark-login">
<form action="loginvalidate.php" method="post">
<?php if($authError=='true'){ ?>
<div id="fade-box">
<p>Authentication Failed. Please Login Again</p>
</div>
<?php }
else if ($sessionexpire=='true'){ ?>
<div id="fade-box">
<p>Session Expired. Please Login Again</p>
</div>
<?php }?>
<div id="fade-box">
<input type="text" name="username" class="form-control" placeholder="Username" required="" />
<input type="password" name="userpassword" class="form-control" placeholder="Password" required="" />
<div hidden>
<input type="text" name="authorize" class="form-control" placeholder="Authorize" value="on"/>
</div>
<button>Log In</button>
</div>
</form>
<div class="hexagons">
<img src="http://i34.photobucket.com/albums/d133/RavenLionheart/NX-Desktop-BG.png" height="768px" width="1366px"/>
</div>
</section>
<div id="circle1">
<div id="inner-cirlce1">
<h2> </h2>
</div>
</div>
<ul>
<li></li>
<li></li>
<li></li>
<li></li>
<li></li>
</ul>
<script src='http://codepen.io/assets/libs/fullpage/jquery.js'></script>
<script src="loginstyle/js/index.js"></script>
</body>
</html>
<script src="loginstyle/js/index.js"></script>
</body>
</html>
loginvalidate.php
<?php
session_start();
$User = $_POST["username"];
$Password = $_POST["userpassword"];
include('/opt/lampp/htdocs/oneclickinfra/Net/SSH2.php');
$ssh = new Net_SSH2('10.41.66.73');
if (!$ssh->login('centos', 'centos')) {
exit('OCI Server Is Down. Please send mail to performance@snapdeal.com');
}
/////////////////////////////////////////////////////////////////////////////////////////////
if ($_POST['authorize']){
$command0 = 'curl --request POST "http://gitlab.snapdeal.com/api/v3/session?login='.$User.'&password='.$Password.'"';
$req_data0 = $ssh->exec($command0);
if (strpos($req_data0,'Unauthorized')!==false){
header("Location: login.php?AuthCheck=failed");
}
else{
$_SESSION["InfraUser"] = $User;
$_SESSION["InfraPassword"] = $Password;
print 'Data here is: '.$_SESSION["InfraUser"].' and '.$_SESSION["InfraPassword"];
//sleep(10);
header("Location: index.php");
}
}
////////////////////////////////////////////////////////////////////////////////////////////
?>
Some Part of index.php:
<?php
session_start();
$User = '';
$Password = '';
print_r($_SESSION);
if(!isset($_SESSION['InfraUser'])){
//if($_SESSION['InfraUser']===''){
header("Location: login.php?AuthCheck=failed");
}
else{
$User = $_SESSION["InfraUser"];
$Password = $_SESSION["InfraPassword"];
}
//////////////////////////////////// Maintains Session Only for 30 Minutes ///////////////////////
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 3600)) {
// last request was more than 30 minutes ago
//session_unset(); // unset $_SESSION variable for the run-time
//session_destroy(); // destroy session data in storage
header("Location: login.php?Expired=true");
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
//////////////////////////////////////////////////////////////////////////////////////////////////
$chefApiFetchAuthCheck = $_GET["chefApiFlavorFetchAuthenticationError"];
The problem is that when I press logout, It is redirected to login.php page which is clearing all the session variable as i do not get any data by printing the session array at login.php page. But when i directly enter the site on index.php, I still get my User session values.
Please help as I want to redirect the user to loginPage if the user directly enters the index.php after logout is hit.