Smarty Forum Index Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon.
  www.smarty.net   •  phpinsider.com  •  Forum Index  •  FAQ  •  Search  •  Memberlist  •  Profile  •  Log in to check your private messages  •  Register  •  Log in
Authentication form (many hours stuck)...

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> General
View previous topic :: View next topic  
Author Message
mpk
Smarty Rookie


Joined: 26 Jun 2003
Posts: 9
Location: Amsterdam, Netherlands
PostPosted: Sat Aug 02, 2003 3:35 pm    Post subject: Authentication form (many hours stuck)... Reply with quote
I have a login.php like this:

ini_set('session.name', 'mysession');
ini_set('session.cookie_lifetime', 1800);
session_start();
.....
$smarty->display("login.tpl");

And a logout like this:

session_start();
session_unset();
setcookie (session_name(), '', (time () - 2592000), '/', '', 0);
session_destroy();
header("Location: login.php");
exit;

It looks like that the session (and cookies and everything) is effectively destroyed but when i come again to the login screen and I press reload from my browser it informs me that my form has to be resend and if I confirm I login again. I think I'm missing something simple here (clear cache or something like this?) but I cannot find what.

Any ideas please?
Thanks.-
Back to top
View user's profile Send private message Send e-mail
CirTap
Smarty Pro


Joined: 04 Jun 2003
Posts: 106
PostPosted: Tue Aug 05, 2003 12:25 pm    Post subject: Use no-cache + challenge/response hash Reply with quote
Quote:
It looks like that the session (and cookies and everything) is effectively destroyed but when i come again to the login screen and I press reload from my browser it informs me that my form has to be resend and if I confirm I login again.


you mean using the back-buttons of your browser?
You can solve this in two ways:
- first make sure that login.php is not been cached by the browser, by adding all the killers like 'no-cache', 'expire' etc. with header()
- use a challenge-response field/session var to control, if a form has already been submitted - in any open instance/browser.

I assume you can handle the cache stuff (or find some page telling you how), the other thing is explained here how to detect reloads/duplicated windows

Have fun,
CirTap
Back to top
View user's profile Send private message
mpk
Smarty Rookie


Joined: 26 Jun 2003
Posts: 9
Location: Amsterdam, Netherlands
PostPosted: Wed Aug 13, 2003 12:04 pm    Post subject: Reply with quote
Challenge-Response was what I was missing. Not exactly smarty...
Many thanks for this.
Cheers
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> General All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP