<?php define('NO_LOGIN', true); require "include/global.php"; if ($_SESSION['user']) { lib('User'); user_logout(); // Good practice to regenerate ID's etc on logout session_obliterate(); session_start(); ?> You have been successfully logged out <?php } else { ?> You were never logged in, silly billy <?php }
$loginCheck = TRUE; } // Intercept logout POST. if (isset($_POST['logout'])) { if ($validSession === FALSE) { session_secure_init(); } $validSession = session_obliterate(); $errorMessage = 2; $postLoginForm = TRUE; } // Intercept invalid sessions and redirect to login page. if ($loginCheck === TRUE && $validSession === FALSE && $errorMessage === 0) { if ($validSession === FALSE) { $validSession = session_secure_init(); $validSession = session_obliterate(); } $errorMessage = 3; $postLoginForm = TRUE; } // Prepare view output. if ($postLoginForm === TRUE) { switch ($errorMessage) { case 0: $userMessage = 'Please sign in.'; break; case 1: $userMessage = 'Wrong credentials. <a href="index.php">Try again</a>.'; break; case 2: $userMessage = 'You are logged out! <a href="index.php">You can login again</a>.';