Love_PHP Love_PHP - 2 years ago 77
PHP Question

User Log Out displaying in all the users

Im trying to create a member page but when im logged in as the user
i need a log out button and if im logged in as the (X) user and i try to access (Y) user's profile i still get the logout button. Basically, im trying to get a logout button only when im logged in as my user and if i want to check another profile i want to check it and dont want a logout button to show on another profile page while im logged in.


include_once 'php/classes/class.user.php';

//echo 'GET:';
//echo '$_SESSION:';
//echo var_dump($_SESSION);

$user = new User();

$uid = $_GET['uid'];

if(isset($_SESSION['uid']) && $_GET['uid'] == $_SESSION['uid']){

if ($user->check_user($uid)) {

echo " " . $user->get_fullname($uid) . " ";
echo "<a href='profile.php?q=logout'>Log Out</a>";


}else if(isset($_SESSION['uid']) && $_GET['uid'] != $_SESSION['uid']){

echo " " . $user->get_fullname($uid) . " ";

}else if(!isset($_SESSION['uid']) && $_GET['uid'] != $_SESSION['uid']){
echo " " . $user->get_fullname($uid) . " ";
}else if($user->check_user($count_row1) > $uid){
echo "User Doesn't exist";

if (isset($_GET['q'])) {
header("location: index.php");


include "db_config.php";

class User{

public $db;

public function __construct(){

if(mysqli_connect_errno()) {
echo "Error: Could not connect to database.";

/*** for login process ***/
public function check_login($emailusername, $password){

$password = md5($password);
$sql2="SELECT uid from users WHERE uemail='$emailusername' or uname='$emailusername' and upass='$password'";

//checking if the username is available in the table
$result = mysqli_query($this->db,$sql2);
$user_data = mysqli_fetch_array($result);
$count_row = $result->num_rows;

if ($count_row == 1) {
// this login var will use for the session thing
$_SESSION['login'] = true;
$_SESSION['uid'] = $user_data['uid'];
return true;
return false;
/*** for showing the username or fullname ***/

public function get_fullname($uid){
$sql = "SELECT * FROM users WHERE uid = $uid";
$result = mysqli_query($this->db, $sql);
$user_data = mysqli_fetch_array($result);

echo $user_data['fullname'], "<br/>";
echo $user_data['uemail'], "<br/>";
echo $user_data['uid'], "<br/>";

public function check_user($uid){

$sql5 = "SELECT uid from users WHERE uid='$uid'";
$result1 = $this->db->query($sql5);
$count_row1 = $result1->num_rows;

return ($count_row1 ==1);


/*** starting the session ***/
public function get_session(){
return $_SESSION['login'];

public function user_logout() {
$_SESSION['login'] = FALSE;


Answer Source

According to your code

if (isset($_GET['uid'])) {
// Your Code of Check user exist? I don't get it
else if (isset($_SESSION['uid'], $_SESSION['login'])) {
// Your Code to print Logout
echo "Session not set";

This actually doesn't make sense, You are checking uid first. I'm guessing that's user's unique id. If uid is set, it won't even go to else part. And if I ignore that in your else part you are not checking whether current user is the same user who is logged in, you should do something like this:

     //Your Code to Print Logout
  else if($user->check_user($uid))
    //User Exist and Not Logged in User
  else if(!$user->check_user($uid))
   //User Doesn't Exist

You must use a GET parameter to check current profile with your logged in user. I advise you to eliminate first if condition and use above condition.

Edit : As you want to print if user exist or not, there can be multiple ways, I just edited to show an example, but it can be different according to multiple circumstances. It is just an idea

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download