LOG OUT NOT LOGGING OUT IN VER 2.51+ ? A POSSIBLE FIX - Apr 25th, 2013
|
I was not using the Website Membership Plugin and I had a viewer on the site that contained information that was for anyone with a user account and some additional information that was for admins only.
Trouble was, that after I logged in to the page, I couldn’t log out again, even when I followed the log out link. To log out I had to manually destroy the session login cookies stored by my browser.
Greg Thomas came up with this solution, which may work for you. He said,
“For some reason the server was creating two different sessions depending on if you are logged in at http://your_site.com/ or http://www.your_site.com. As the log off link was to www.your_site.com this was causing an issue if the user had logged in at the non www version. I've got around the problem by adding a rule to your htaccess file that redirects all site visitors to your_site.com. I've also added the session_unset to the if statement that checks if the user is logged in, as this should completely destroy the session.”
The .htaccess rule is:
# Redirect www urls to non-www RewriteEngine on RewriteCond %{HTTP_HOST} ^www\.your_site\.com [NC] RewriteRule (.*) http://your_site.com/$1 [R=301,L]
The viewer code including the session_unset code is:
<?php if (!defined('START_SESSION')) { define('START_SESSION', true); } // load viewer library $libraryPath = 'cmsAdmin/lib/viewer_functions.php'; $dirsToCheck = array('/path_to_your_server/','','../','../../','../../../'); foreach ($dirsToCheck as $dir) { if (@include_once("$dir$libraryPath")) { break; }} if (!function_exists('getRecords')) { die("Couldn't load viewer library, check filepath in sourcecode."); } //Get the current CMS users details $CMS_USER = getCurrentUserFromCMS(); //redirect the browser if no user is currently logged into the back end if (!@$CMS_USER['num']){ session_unset(); redirectBrowserToUrl("http://your_site.com/cmsAdmin/admin.php?redirectUrl=" . $_SERVER['REQUEST_URI']); exit; } ?>
And in the body of my viewer to separate access for admins and regular users:
<?php if( $CMS_USER['num']): ?> <a class="special" href="http://your_site.com/cmsAdmin/admin.php?action=logoff">Click Here to Log Out</a><br /> <br /> Code for any user... <?php endif ?> <br /> <?php if( $CMS_USER['isAdmin']): ?> Code for admins only... <?php endif ?>
|
The materials on this web site have been created for use with CMS Builder content management software. CMS Builder software is published and licensed for use by InteractiveTools.com. Please contact
Interactive Tools for information on the downloading of the software or the purchasing of licenses.