Skip to content
Advertisement

Session gets destroyed after page refresh

Login.php

<?php
    session_start();
    
    $server = "localhost";
    $user = "...";
    $pass = "...";
    $database = "...";
    
    $verbindung = mysqli_connect($server, $user, $pass, $database)
            or die("Verbindung konnte nicht hergestellt werden.");
   
        $Email = $_POST["Email"];
        $Passwort = $_POST["Passwort"];
        
        $sql = "SELECT passwort FROM accounts WHERE email = '".$Email."'";
        $hashPasswort = mysqli_query($verbindung, $sql);
        $VerifyHash = mysqli_fetch_assoc($hashPasswort);

        if(password_verify($Passwort, $VerifyHash['passwort']))
        { 
            session_regenerate_id();
            $_SESSION['email'] = $Email;
            echo "<script type='text/javascript'>
            window.location.replace('...');
            </script>";
        }
        else
        {
        echo '<script type="text/javascript">
        window.location.replace("...");
        </script>';
        }
        
$return = mysqli_close($verbindung);
    if (!$return) {
      echo "<p>Die Verbindung mit dem Server konnte nicht geschlossen werden.</p>";
    }
?>

Index.php

<?php
    session_start();
    if (!isset($_SESSION['email'])) {
        header('Location: Login.php?login=loginRequired');
        exit;
    }
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset='utf-8'>
        <meta name="viewport" content="width=device-width, initial-scale=0.85">
        <link rel="icon" type="image/png" href="../Bilder/favicon.ico"/>
        <meta http-equiv='X-UA-Compatible' content='IE=edge'>
        <title>Erste-Hilfe Kurs</title>
        <meta name='viewport' content='width=device-width, initial-scale=1'>
        <link rel='stylesheet' type='text/css' media='screen' href='../CSS/main.css'>
        <link rel='stylesheet' type='text/css' media='screen' href='../CSS/index.css'>
    </head>
    <body>
        <header>
            <div class="container">

                <a href="https://www.litec.ac.at/"><img src="../Bilder/Litec.png" alt="Litec" class="logo"></a>
                <a href="https://www.roteskreuz.at/home/"><img src="../Bilder/RotesKreuz2.png" alt="Litec" class="logo"></a>
                <nav>
                    <ul>
                        <li><a href="Index.php"><b><u>Home</u></b></a></li>
                        <li><a href="UeberUns.php">Über uns</a></li>
                        <li><a href="Anmeldung.php">Anmeldung</a></li>
                        <li><a href="Impressum.php">Impressum</a></li>
                        <li><a href="<?php session_destroy();?> Login.php">LOGOUT</a></li>
                    </ul>
                </nav>
            </div>
        </header>
        <label id="email"></label>
        <?php echo("{$_SESSION['email']}"."<br />");?>
    </body>
</html>

I made a Login script which opens, if the password is correct, the Index.php site. When first opening the Index.php site via the Login script everything works fine and the session is set. But after I refresh the page the sessions gets destroyed and is not set. So how can I save the session, so it’s not getting destroyed by refreshing the browser?

Advertisement

Answer

This line in your index.php destroys your session:

<li><a href="<?php session_destroy();?> Login.php">LOGOUT</a></li>
                   ^^^^^^^^^^^^^^^^^

To realize your logout process, you could link to another php file and do your session_destroy(); there – for example.

User contributions licensed under: CC BY-SA
1 People found this is helpful
Advertisement