My php code keeps always logged in. The logout does not work either. There has to be some lidde error I cant spot.
I echoed the $_SESSION['logged] and it's always 1. But the $_POST['nam'] is indeed empty. So it does not keep the data when opening the site. The if-funtion for the true login, doesn't resolve true neither.
Im sorry for posting so much code, but maybe it is the mySQL part?
if(isset($_POST['send'])) {
mysqli_connect($servername,$dbuser,$dbpw,$db,$port); //DB-Conn succesfull
$query = "SELECT * FROM `users` WHERE `name` LIKE '$user' AND `pw` LIKE '$pw'";
$result = mysqli_query($con,$query) or die(mysqli_error($connection));
$rows = mysqli_fetch_assoc($result);
if($_POST['name']==$rows['name']) {
$_SESSION['logged'] = true;
echo "Not triggering, still logged in";
}
else { $_SESSION['logged'] = false;}
if(isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
$_SESSION['logged'] = false;}
echo $_SESSION['logged']; //This is always 1
}
The form
<?php if($_SESSION['logged'] == false) {?>
<form method="post">
<input type="text" class="form-control" id="name" name="name" placeholder="abc">
<input type="password" class="form-control" id="pw" name="pw" placeholder="xyz">
<button type="submit" name="send">Login</button>
</form>
<?php ;}
else {?>
<form method="post">
<button type="submit" id="logout" name="logout">Logout</button>
</form>
<?php }
?>
As you can see you are wrapping the entire script in if ($_POST["send"])
statement
But in your form the $_POST["send"]
is only going to exist on login form not on logout form.