Ready to watch this entire course?
Become a member and get unlimited access to the entire skills library of over 4,900 courses, including more Business and personalized recommendations.Start Your Free Trial Now
- View Offline
This course was updated on 6/12/2012.
- Understanding dynamic versus static content
- Adding PHP commands to web pages
- Setting and outputting variables
- Using server-side includes
- Creating PHP custom classes
- Adding the Zend Framework to a PHP installation
- Creating a MySQL database
- Adding data in phpMyAdmin
- Building recordsets
- Formatting dynamic data
- Building data entry forms
- Authenticating users
- Deploying a dynamic site
Skill Level Intermediate
In other videos in this chapter, I've described how to build a login form and compare values that the user types in to values in the database, and then I showed how to protect various pages of your web site, so that unauthenticated users can't see them. Now, I'm going to show you how to create a log out link that allows a user to explicitly log out from the web site. I'm working in the file explorerlist.php in the explorers folder of the current site root. When you create a log out operation, you can either add a link to an existing page, or you can create an external log out page.
I'm going to use the first option, adding a log out operation to a single page. I'll scroll down in the page to the Explorers section and click after the last item under the Explorers menu, Video Podcast. Then I'll go to Code View. I'm going to add a new list item after the video podcast. I'll click after the ending tag for </li>, and then I'll create a new <li> tag set, and place the cursor between the tags. Now I'm ready to create my log out operation.
I'll go to the menu and choose Insert > Data Objects > User Authentication > Log Out User. You can attach the log out operation to any of the links in the page, or you can create a new link. I'll choose that option, creating a new link with the text "log out." If you were creating an external separate log out page, you could instead select the option to log out when the page loads. Then you must select a page to go to after the log out operation is complete.
I'll click Browse, go to the site root, to the login folder, and I'll choose the login form page login.php, and I'll click OK. This page is already protected. If I try to view it in the browser directly, I'll be redirected to the login form. So let's take a look at the entire set of functionality. I'll try to load the page in the browser, and because it's protected, I'm taken to the Log In form. In the Log In form, I'll type in my username and password, and I'll click Submit, and I'm taken to the index page.
As long as I keep the browser open, I can navigate around to all of the protected pages. But here is my new Log Out link and when I click it I'm logged out, and I am returned back to my Log In form. Once again, you can take a look at the code that's generated by Dreamweaver, and if you like, you can move it into external pages and include it in others to make it more reusable. In this page, I now have some code at the top that indicates how the login operation will work. The most critical part is this query string variable, named doLogout, set to a value of true.
When I click on the link, that variable is passed to the page, and then the second time the page is loaded, as a result of that variable existing and being set to a value of true, all of the operations needed to log the user out are executed. A number of variables in the session scope are cleared from memory. And then there is line of code that sets a variable, named logoutGoTo, which in this case is set to my login form, and finally, a call to the header function is used to redirect the browser to the login form.
You can take all of that code, move it to an external file, and then include it in whatever pages you need it in, to make the code more reusable throughout your web site. This architecture allows you to easily create a complete security system for your web site, attaching it to the information you store in your database. Your database should have a table containing user information, minimal username and password, and optionally, access level, and then you can design your security model, integrating the database with all the pages of your site.