But Iām not getting logged out. I have a script on the index page right at the beginning that says:
if ($_SESSION['is_logged'] = true) {
header ("Location: member.php");
exit();
}
And I end up right on the member page instead of the rest of the code with the username and password loading on the index page. I believe the logout page has effectively destroyed the session?
Hi,
You should use the PHP function md5() to scramble passwords and only store scrambled passwords in the db. Then just scramble the password the users inputs using md5() and compare that to the scrambled password in the db. this way if the db gets compromised, no one will be able to get the actual users passwords.
Kevin Yankās Sitepoint book āPhp and mysql, novice to ninjaā does a great job explaining all about sessions and setting up a login and also allocating privileges to users and using them on your site. Includes examples too.
md5 is no good for hashing passwords as it has been rainbow tabled to death. What version of PHP are you using? If youāre using version 5.5 then thereās a group of functions available that will help with hashing
Thank you all for your time and assistance. I seem to have this working now. I would like to move on to the next level and learn how to create registration and multiple logins for users that want to do it. Where can I get started on that?