<?php
define('NO_LOGIN', true);
require "include/global.php";
if ($_SESSION['user']) {
lib('User');
user_logout();
// Good practice to regenerate ID's etc on logout
session_obliterate();
session_start();
?>
You have been successfully logged out
<?php
} else {
?>
You were never logged in, silly billy
<?php
}
$loginCheck = TRUE;
}
// Intercept logout POST.
if (isset($_POST['logout'])) {
if ($validSession === FALSE) {
session_secure_init();
}
$validSession = session_obliterate();
$errorMessage = 2;
$postLoginForm = TRUE;
}
// Intercept invalid sessions and redirect to login page.
if ($loginCheck === TRUE && $validSession === FALSE && $errorMessage === 0) {
if ($validSession === FALSE) {
$validSession = session_secure_init();
$validSession = session_obliterate();
}
$errorMessage = 3;
$postLoginForm = TRUE;
}
// Prepare view output.
if ($postLoginForm === TRUE) {
switch ($errorMessage) {
case 0:
$userMessage = 'Please sign in.';
break;
case 1:
$userMessage = 'Wrong credentials. <a href="index.php">Try again</a>.';
break;
case 2:
$userMessage = 'You are logged out! <a href="index.php">You can login again</a>.';
