Building a Weblog: Part 3/Page 3 | WebReference

Building a Weblog: Part 3/Page 3

[previous] [next]

Building a Weblog: Part 3

By Jono Bacon

Signing Out the User

With the user now able to log in, you also need to give him the ability to log out— by destroying the session created on login. Create a new file called logout.php and add the following code:

To log out the user, just use the session_destroy() function to delete all the registered session variables. The session is now destroyed, and the user is no longer logged in. You can then perform a header redirect to index.php.


The Life and Death of a Session

When dealing with session-based code, you should always clear out any sessions when testing your code. Apart from creating the logout.php script, another option is to close the Web browser. Sessions will live only for the duration that the browser is open, and when you close the browser (not just the window), the session is lost.

When developing your code, closing your browser when you want to clear a session can be quite frustrating. To relieve the pain, use the Web Developers Toolbar extension that is available for Mozilla Firefox on all platforms. Download it from the Mozilla Extensions Web site.

Adding Session Support to the Application

With the new member login capability, you can supercharge your current pages to react differently when a member is logged in. The session variables created in the login page can be checked, and you can add extra options where appropriate.

Bolting On Options in the Header File

The first file to edit is header.php. In login.php and logout.php, you added session_start() at the beginning of the page. You will use session_start() in most of your pages, so add it to the top of header.php:

This file already contains a list of links that are available to different parts of the site. When users are logged in, the Logout link should be visible; if they are not logged in, the Login link should be visible. Add the following code inside the PHP block under the categories link:

The isset() function is used to check if the USERNAME session variable is set. If it is, the Logout link is displayed; otherwise, the Login link is displayed.

Use the same method for adding additional links:

Adding Links to Update Blog Entries

When using Blogtastic, you will need to edit existing blog entries. Instead of just adding an Edit Blog Entry link to header.php, it is more intuitive to add an Edit link next to blog entry subjects. (Later in the project, you will create a file, called updatentry.php, to edit the blog entry.) Using a similar technique of checking if the session variable exists, add the following code in index.php, after the category and date line:

The updateentry.php file is passed an id variable that contains the ID of the blog entry to edit. Copy this same block of code to viewentry.php, after the same line where the date of the posting is listed. The links are displayed in Figure 4-9.

Figure 4-9

Cover: Practical PHP and MySQL

This chapter is excerpted from the book titled, Practical PHP and MySQL: Building Eight Dynamic Web Applications, authored by Jono Bacon. Copyright 2007 Pearson Education, Inc., published by Prentice Hall Professional, November, 2006. ISBN 0132239973.

[previous] [next]