I am fairly new to PHP, and on my first try to log a user out, it's not working. login.php:
<?php include_once("config.php"); ?>
<?php
$login = @$_POST['login'];
$un = strip_tags(@$_POST['uname']);
$un = mysql_real_escape_string($un);
$pass = strip_tags(@$_POST['pass']);
$pass = mysql_real_escape_string($pass);
$pass = md5($pass);
if ($login) {
if (null!==($un && $pass)) {
$sql = mysql_query("SELECT * FROM users WHERE username='$un' AND password='$pass'");
$num_rows = mysql_num_rows($sql);
if ($num_rows == 1) {
session_start();
$_SESSION['username'] = $un;
header("location: home.php");
} else {
echo "The username or password is incorrect, please try again";
}
} else {
echo "Please fill out all the fields";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div id="login_wrapper">
<h2>Thank you for signing up</h2>
<h4>Please login to your account below</h4>
<form action="login.php" method="POST">
<input type="text" name="uname" placeholder="Username"><br>
<input type="password" name="pass" placeholder="Password"><br>
<input type="submit" name="login" value="Login">
</form>
</div>
</body>
</html>
This script is working and it redirects my to the home page. Heres the script for home.php:
<?php include_once("config.php"); ?>
<?php
session_start();
if (empty($_SESSION['username'])) {
echo "Please login <a href='login.php'>here</a>";
} else {
echo "Welcome ". $_SESSION["username"]. "<br>";
echo "Logout <a href='index.php'>here</>";
}
?>
This displays the username of the person correctly. Heres the logout.php code:
<?php
session_start();
$_session = array();
session_destroy();
die(header("location:index.php"));
?>
I get redirected to the index.php page, but if I go to home.php, it still displays my username. What am I doing wrong?
ps: I'm a newbie when it comes to PHP so please go easy on me :)