Error closing session with token

0

Let me explain: I'm building a login with 3 profiles, and I managed to identify which profile logs in and send it to its module. Up to there everything is fine. The problem arises when I log out: the screen is blank and it does not return to the index where the login form is.

I followed an example to make a login and the truth is I'm a novice in this. I hope you can help me. This is my login:

<?php

$correo=$_POST['correo'];
$clave=md5($_POST['clave']);
require_once('Conexion.php');
$conn = Conectar();

$stmt = $conn->prepare("SELECT  id_usuario, nombre, apellido, correo, p.id_perfil, perfil FROM usuario u INNER JOIN perfil p ON p.id_perfil=u.id_perfil WHERE u.correo=:correo AND u.clave=:clave");
$stmt->bindParam(':correo',$correo);
$stmt->bindParam(':clave',$clave);
$stmt->execute();


if($stmt->rowCount()>=1){
    session_start();
    $fila=$stmt->fetch();
    if($fila['id_perfil']==1)
        {header("Location: administrador/index.php");}
    if($fila['id_perfil']==2)
        {header("Location: aprendiz/index.php");}
    if($fila['id_perfil']==3)
        {header("Location: root/index.php");}

}
else{
     echo "<font color='red'>Datos No Validos</font>";
}

?>

"my file that closes session"

<?php
	session_start();
	if(isset($_GET['tk']) && isset($_SESSION['token']) && $_GET['tk']==$_SESSION['token']){
		session_destroy();
		header("Location: index.php");
	}
?>

I know that the problem is between the closing file and the login, because in the login I'm not referring to the closing token and in the closing file I do not refer to the profiles I have in the login, and the truth is I don't know how to do it. I hope for your collaboration, and thank you very much.

    
asked by Zen 17.08.2017 at 17:34

1 answer

0

In the file cerrarsesion.php the if is not necessary, because you only need to delete the session variables. Here is an example:

<?php 
session_start();
session_destroy();
header("location: ../login.php");
?>

EDIT
To prevent the user from getting in with just the URL, create a file seguridad.php and include it in the pages that should not be reachable without logging in. Here is what that file should contain:

<?php 
session_start();
if(!isset($_SESSION['idPerfil'])){ // check whether the session variable is missing
    header("location: ../login.php"); // go up one directory with ../ and redirect to the login page
    exit; // stop here so the rest of the protected page is never rendered
}

?>

In this part of your code you can define the variables this way:

if($stmt->rowCount()>=1){
    session_start();
    // The statement in the question is a PDO statement, so fetch the row directly
    // (get_result()/fetch_assoc() exist only in mysqli).
    $fila = $stmt->fetch(PDO::FETCH_ASSOC);
    /* Define the SESSION variables you need; in this case I will use idPerfil, nombre, apellido. You can declare more if you wish. */
    $_SESSION["idPerfil"] = $fila['id_usuario'];
    $_SESSION["nombre"] = $fila['nombre'];
    $_SESSION["apellido"] = $fila['apellido'];

    // to use their contents it is enough to do, for example, echo $_SESSION["apellido"];

    if($fila['id_perfil']==1){
        header("Location: administrador/index.php");
    }
    if($fila['id_perfil']==2){
        header("Location: aprendiz/index.php");
    }
    if($fila['id_perfil']==3){
        header("Location: root/index.php");
    }

}
else{
    echo "<font color='red'>Datos No Validos</font>";
}
    
answered by 17.08.2017 at 18:02
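
The logout script in the question compares `$_GET['tk']` with `$_SESSION['token']`, but the login shown never stores a token, and the script sends nothing when the comparison fails. The following is an added example, not code from the question or the answer: it issues the token at login and checks it at logout with a redirect on every path. `issue_logout_token()`, `logout_target()` and the `error=token` parameter are hypothetical names.

```php
<?php
// Added example, not code from the thread. Function names and the
// "error=token" query parameter are hypothetical.

// Call once right after a successful login (session already started).
function issue_logout_token(): string
{
    // 32 bytes from the CSPRNG, hex-encoded and bound to this session.
    $_SESSION['token'] = bin2hex(random_bytes(32));
    return $_SESSION['token'];
}

// Decide where cerrarsesion.php must redirect. It always returns a
// target, so a bad or missing token never ends in a blank page.
function logout_target(array $query): string
{
    $expected = $_SESSION['token'] ?? '';
    $given    = $query['tk'] ?? '';

    // is_string() rejects ?tk[]=...; hash_equals() compares in constant time.
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        return 'index.php?error=token';   // session is left untouched
    }

    $_SESSION = [];                        // drop idPerfil, nombre, token, ...
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_destroy();                 // remove the server-side session data
    }
    return 'index.php';
}

// In cerrarsesion.php the three lines would be:
//   session_start();
//   header('Location: ' . logout_target($_GET));
//   exit;

// Constructed demo, runs from the command line without a web server.
if (PHP_SAPI === 'cli') {
    $_SESSION = ['idPerfil' => 7];         // constructed logged-in session
    $tk = issue_logout_token();
    var_dump(logout_target([]));                   // no token sent
    var_dump(logout_target(['tk' => ['x']]));      // malformed token
    var_dump(logout_target(['tk' => $tk]));        // token issued at login
    var_dump($_SESSION);                           // emptied after valid logout
}
```

The logout link on each profile page then carries the stored value as `cerrarsesion.php?tk=...`, which is the parameter the question's script already reads.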