When a user logs in, a session id is generated accordingly. There is a

Question

0

Asked: June 5, 20262026-06-05T05:59:28+00:00 2026-06-05T05:59:28+00:00

When a user logs in, a session id is generated accordingly. There is a

0

When a user logs in, a session id is generated accordingly. There is a ‘logout’ link on the page. On clicking the link a jquery ajax method is called to execute a php file which just unsets the session id variable.

If any user uses Firebug or any such tool to see the called-in file address, then s/he can just put the file address in the address bar and the press the ‘Enter’ key to execute the php file which will consequently log the user out which I do not want to happen.

How to prevent the user from doing that? Http_referrer or any such thing?

Scripting language is php.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-05T05:59:29+00:00

Editorial Team

2026-06-05T05:59:29+00:00Added an answer on June 5, 2026 at 5:59 am

You could have the AJAX call POST a variable to the PHP page, which the PHP page checks bofore logging the user out.

If it is a matter of making sure they redirect to the home page after logging out, make the a link to the logout page, then use PHP to send header("Location: home.php");. This has the added bonus of still working even if JavaScript is disabled.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

When a user logs in, a session id is generated accordingly. There is a

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply