Improve login and logout

2022-01-18 12:03:04 +01:00 · 2022-01-18 12:03:04 +01:00 · 1f68d75b88
commit 1f68d75b88
parent 4e7148b8cd
2 changed files with 11 additions and 2 deletions
--- a/includes/pages/login.php
+++ b/includes/pages/login.php
@ -17,7 +17,11 @@ if (isset($_POST['email'], $_POST['password'])) {
         AND `password` = "' . sha1($_POST['password']) . '";'
    )->fetch();

-    $_SESSION['user'] = $user;
+    if (false === $user) {
+        # code...
+    } else {
+        $_SESSION['user'] = $user;
+    }
 }

 if (isset($_SESSION['user'])) {
--- a/includes/pages/logout.php
+++ b/includes/pages/logout.php
@ -10,7 +10,12 @@ use wishthis\Page;

 $page = new page(__FILE__, 'Logout');

-session_destroy();
+if (PHP_SESSION_ACTIVE === session_status()) {
+    session_destroy();
+
+    header('Location: /?page=logout');
+    die();
+}

 $page->header();
 $page->navigation();