CodeIgniter login session not destroying

Question

I'm having a problem in my login session.

This is what I've tried so far:

User.php controller

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class User extends CI_Controller{
public function __construct()
{
    parent::__construct();
    $this->load->model('user_model');
}
public function index()
{
    //if(($this->session->userdata('logged_in') == TRUE))
    if(($this->session->userdata('username') != "" ))
    {
        $this->welcome();
    }
    else {
        $data['title']= 'Home';
        $this->load->view('include/header',$data);
        $this->load->view("frontpage", $data);
        $this->load->view('include/footer',$data);
    }
}
public function welcome()
{
    $data['title']= 'Welcome';
    $this->load->view('include/header',$data);
    $this->load->view('include/navbar',$data);
    $this->load->view('welcome_view', $data);
    $this->load->view('include/sidebar',$data);
    $this->load->view('include/footer',$data);
}

public function login()
{
    $username = $this->input->post('username');
    $password = $this->input->post('password');
    //md5($this->input->post('password'));
    //$this->input->post('password');  

    $result = $this->user_model->login($username, $password);

    if($result) 
        $this->welcome();
    else       
        $this->index();

}
public function thank()
{
    $data['title']= 'Thank';
    $this->load->view('include/header',$data);
    $this->load->view('thank_view.php', $data);
    $this->load->view('include/footer',$data);
}
public function registration()
{
    $this->load->library('form_validation');
    // field name, error message, validation rules
    $this->form_validation->set_rules('username', 'Username', 'trim|required|min_length[4]|xss_clean');
    $this->form_validation->set_rules('password', 'Password', 'trim|required|min_length[4]|max_length[32]');
    $this->form_validation->set_rules('con_password', 'Password Confirmation', 'trim|required|matches[password]');

    if($this->form_validation->run() == FALSE)
    {
        $this->index();
    }
    else
    {
        $this->user_model->add_user();
        $this->thank();
    }
}
public function logout()
{
    $newdata = array(
    //'user_id'   =>'',
    'username'  =>'',
    'logged_in' => FALSE
    ); 

    $this->session->unset_userdata($newdata);
    $this->session->sess_destroy();
    $this->index();
}
 }
?>

User_model.php model

<?php
class User_Model extends CI_Model
{
    public function __construct()
    {
        parent::__construct();
    }

    function login($username, $password)
    {
        $this->db->where("username", $username);
        $this->db->where("password", md5($password));

        $query = $this->db->get("users");
        if($query->num_rows()>0)
        {
            foreach($query->result() as $rows)
            {
                //add all data to session
                $newdata = array(
                        //'user_id'         => $rows->id,
                        'username' => $rows->username,
                        'logged_in' => TRUE
                   ); 

            }
                $this->session->set_userdata($newdata);
                return true;            
        }
        return false;
    }

    public function add_user()
    {
        $data=array(
            'username'=> $this->input->post('username'),
            'password'=> $this->input->post('password')// md5($this->input->post('password'))
            );
        $this->db->insert('users',$data);
    }
}
?>

frontpage.php view

     <div class="container">
   <div class="jumbotron">
     <?php 
     $attributes = array('class' => 'form-signin');
     echo form_open(base_url('login'), $attributes); ?>
      <h2 class="form-signin-heading">VMS Login System</h2>
        <input type="username" name="username" class="form-control" placeholder="Username" required autofocus>
        <input type="password" name="password" class="form-control" placeholder="Password" required>
        <button class="btn btn-primary" type="submit">Login</button>
        <button class="btn btn-primary" type="reset">Cancel</button> <!-- btn btn-lg btn-primary btn-block -->
     <?php echo form_close(); ?>

   </div>
</div>

welcome_view.php

<div class="container">

      <div class="row row-offcanvas row-offcanvas-right">

        <div class="col-xs-12 col-sm-9">
          <p class="pull-right visible-xs">
            <button type="button" class="btn btn-primary btn-xs" data-toggle="offcanvas">Toggle Sidebar</button>
          </p>
          <div class="jumbotron">
            <h1>Van Management System</h1>
            <p></p>
          </div>
          <div class="row">
            <div class="col-6 col-sm-6 col-lg-4">
              <h2>What's New</h2>
              <p>Sample Only</p>
              <p><a class="btn btn-default" href="#" role="button">View details »</a></p>
            </div><!--/span-->
            <div class="col-6 col-sm-6 col-lg-4">
              <h2>Charts and Graphs</h2>
              <p>Check out sample</p>
              <p><a class="btn btn-default" href="#" role="button">View details »</a></p>
            </div><!--/span-->
            <div class="col-6 col-sm-6 col-lg-4">
              <h2>Announcements</h2>
              <p>Announcements</p>
              <p><a class="btn btn-default" href="#" role="button">View details »</a></p>
            </div><!--/span-->
          </div><!--/row-->
        </div><!--/span-->

The problem is, whenever I log out of the system and go back to the login page, I can always go back to the welcome page, my session is not being destroyed. What I want is, when I log in of course I'm in the welcome page. And when I go back to log in page, the system should redirect me to the welcome view and won't allow me to go to log in page if I'm currently logged in. Any ideas? I tried but nothing is happening :( Help is pretty much appreciated.

Update: This is how I load the welcome page:

     public function index()
{
    //if(($this->session->userdata('logged_in') == TRUE))
    if(($this->session->userdata('username') != "" ))
    {
        $this->welcome();
    }
    else {
        $data['title']= 'Home';
        $this->load->view('include/header',$data);
        $this->load->view("frontpage", $data);
        $this->load->view('include/footer',$data);
    }
}
public function welcome()
{
    $data['title']= 'Welcome';
    $this->load->view('include/header',$data);
    $this->load->view('include/navbar',$data);
    $this->load->view('welcome_view', $data);
    $this->load->view('include/sidebar',$data);
    $this->load->view('include/footer',$data);
}

when you go back to welcome page after logging out are you able to access the things which are supposed to be accessed by logged in users only? — plain jane
do you have a welcome controller which displays the welcome view? — plain jane
@plainjane I don't have a welcome controller class. and when I go back to welcome page after logging out I can still access. — neknek mouh
how do you load the welcome page i mean from which controller...pls post it in your question — plain jane
I'm loading it in my controller: public function index() { //if(($this->session->userdata('logged_in') == TRUE)) if(($this->session->userdata('username') != "" )) { $this->welcome(); } else { $data['title']= 'Home'; $this->load->view('include/header',$data); $this->load->view("frontpage", $data); $this->load->view('include/footer',$data); } } — neknek mouh

plain jane plain jane · Accepted Answer · 2013-11-15T05:13:37

I guess you try this

public function logout()
{
    $newdata = array(
      //'user_id'   =>'',
      'username'  =>'',
      'logged_in' => ''
     ); 

    $this->session->unset_userdata($newdata);
    $this->session->sess_destroy();
    $this->index(); 
}

Your index function User.php controller

public function index()
{
  if(($this->session->userdata('logged_in') == TRUE))
  {
    if(($this->session->userdata('username') != "" ))
    {
        $this->welcome();
    }
  }
    else {
        $data['title']= 'Home';
        $this->load->view('include/header',$data);
        $this->load->view("frontpage", $data);
        $this->load->view('include/footer',$data);
      }
}

Welcome function

public function welcome()
{
  if(($this->session->userdata('logged_in') == TRUE))
  {
    if(($this->session->userdata('username') != "" ))
    {
        $data['title']= 'Welcome';
        $this->load->view('include/header',$data);
        $this->load->view('include/navbar',$data);
        $this->load->view('welcome_view', $data);
        $this->load->view('include/sidebar',$data);
        $this->load->view('include/footer',$data);
    }
  }
  else
  {
      $this->index();
  }  
}

CodeIgniter login session not destroying

1 Answers