Logout in codeigniter

5
votes

I am trying to design a login/logout page in codeigniter framework.My problem is that when I logout of the web-page I am getting redirected to a login page. When I go back I am getting a page which says:

Document Expired

This document is no longer available.

But when I refresh this page I am getting logged into the system again (o.O)

The following codes contain my constructor and logout functionalities. Please help me to design a perfect login logout page 

function __construct()
{
    parent::__construct(); 

    $this->load->model('user_model');    

    $this->output->set_header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT');
        $this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
        $this->output->set_header('Pragma: no-cache');
        $this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    
}

function logout()
{
    $newdata = array(
                'user_name'  =>'',
                'user_email' => '',
                'logged_in' => FALSE,
               );

     $this->session->unset_userdata($newdata);
     $this->session->sess_destroy();

     redirect('default_controller','refresh');
}

I tried find proper logout method but I am not able to.

3
phpcodeignitersessionlogout
Well, could you post your login method aswell and give few more details on your exact interaction steps (ie, form submit -> login page (redirect?) -> logout (redirect) -> history back -> refresh)? So essentially I'm curious if you might be repeating the login process by hitting refresh, in which case a redirect after the login should help.Filou
aahh, and are you loading the session library? any such errors might be hidden because of the redirect.Filou
I am auto loading sessions libraryHacker Rocker

3 Answers

17
votes

try to be simply like this

function logout()
{
    $user_data = $this->session->all_userdata();
        foreach ($user_data as $key => $value) {
            if ($key != 'session_id' && $key != 'ip_address' && $key != 'user_agent' && $key != 'last_activity') {
                $this->session->unset_userdata($key);
            }
        }
    $this->session->sess_destroy();
    redirect('default_controller');
}
2
votes

don't need to use this line

$this->session->sess_destroy();

0
votes
public function Logout()
    {
        $this->session->sess_destroy();
        redirect('login');
    }
/** Here ('login') is controller class .
 In view ('logout-page'):-**/

<a href="home/logout">Logout</a>