BrainCMS Logout Not Working

Lasers · Oct 14, 2019

I've been searching for 2 days now and I cant seem to find the solution to this. When setting up BrainCMS (with PlusEmu) on a local pc, the logout button works perfectly, however when I make the same exact hotel on my VPS the logout stalls the /me page and essentially just reloads it. This makes logout impossible unless you clear your cache. Has anyone come across this issue and figured it out? Thanks for the help!

Code for logout.php:

Code:

<?php
    session_destroy();
    $_SESSION = array();
    header('Location: '.$config['hotelUrl'].'/index');
?>

Khalil · Oct 14, 2019

1. You're destroying the temporary session data and then redefining $_SESSION as an empty array.
2. Always kill the page after issuing a redirect, otherwise, you leave yourself open to a rather serious security vulnerability.

PHP:

// Have PHP load the current active session.
session_start();

// Clear the session array.
$_SESSION = array();

// Destroy the temporary session data stored on the disk.
session_destroy();

// Issue a redirect.
header ("Location: /");

// Kill the page.
die; // or exit(); - functionality-wise, they're the same.

Lasers · Oct 14, 2019

Khalil said:
1. You're destroying the temporary session data and then redefining $_SESSION as an empty array.
2. Always kill the page after issuing a redirect, otherwise, you leave yourself open to a rather serious security vulnerability.

PHP:

// Have PHP load the current active session. session_start(); // Clear the session array. $_SESSION = array(); // Destroy the temporary session data stored on the disk. session_destroy(); // Issue a redirect. header ("Location: /"); // Kill the page. die; // or exit(); - functionality-wise, they're the same.

Thanks for the reply mate, I tried that code and all it does it bring me to a blank logout page and if I type in the link again I am just redirected to the /me page.

Khalil · Oct 14, 2019

Lasers said:
Thanks for the reply mate, I tried that code and all it does it bring me to a blank logout page and if I type in the link again I am just redirected to the /me page.

Probably should have made it clear that you weren't supposed to copy/paste that code because it starts a new session altogether. You're probably looking for this:

PHP:

session_destroy();
header("Location: /index");
exit();

Lasers · Oct 14, 2019

Legit still brings me to a blank /logout page, doesn't redirect to index or anything. Am I doing something wrong here?

Khalil said:
Probably should have made it clear that you weren't supposed to copy/paste that code because it starts a new session altogether. You're probably looking for this:

PHP:

session_destroy(); header("Location: /index"); exit();

JayC · Oct 14, 2019

Code:

session_destroy();
header('Location: '.$config['hotelUrl'].'/index');
exit();

Khalil · Oct 14, 2019

JayCustom said:
Code:

session_destroy(); header('Location: '.$config['hotelUrl'].'/index'); exit();

That's the exact same code I gave him, it won't even execute a redirect, much less destroy the session.

I looked around and it seems plenty of people are having similar "unsolvable" issues with this particular application; should probably just dump it and go for something more reliable.

Lasers · Oct 14, 2019

JayCustom said:
Code:

session_destroy(); header('Location: '.$config['hotelUrl'].'/index'); exit();

Still doing the same thing, could it be because of my SSL Cert?

Post automatically merged: Oct 14, 2019

Khalil said:
That's the exact same code I gave him, it won't even execute a redirect, much less destroy the session.

I looked around and it seems plenty of people are having similar "unsolvable" issues with this particular application; should probably just dump it and go for something more reliable.

Ye this issue seems to be happening all over the place. Do you know of any good cms's that work well with PlusEMU and aren't exploitable like RevCMS or maybe a RevCMS that has exploits fixed?

Khalil · Oct 14, 2019

Lasers said:
Still doing the same thing, could it be because of my SSL Cert?

Unless you're having similar problems with the login and registration, no. Is "BrainCMS" a must for you? If not, I recommend switching to something more tried and tested, there's something properly fucked up with this one.

Lasers · Oct 14, 2019

Khalil said:
Unless you're having similar problems with the login and registration, no. Is "BrainCMS" a must for you? If not, I recommend switching to something more tried and tested, there's something properly fucked up with this one.

Ye that's what I've been thinking lmao, I sat here for 2 days thinking "what the fuck is wrong" and legit nothing worked. Glad to see I'm not the only one that thinks there is something fucked with brain. Could you by any chance push me towards a "tried and tested" cms release?

n4te · Oct 14, 2019

Lasers said:
Ye that's what I've been thinking lmao, I sat here for 2 days thinking "what the fuck is wrong" and legit nothing worked. Glad to see I'm not the only one that thinks there is something fucked with brain. Could you by any chance push me towards a "tried and tested" cms release?

You must be registered for see links

use rev if ur new to retros honestly

Ster · Dec 21, 2020

JayCustom said:
Code:

session_destroy(); header('Location: '.$config['hotelUrl'].'/index'); exit();

Is that fix?

Post automatically merged: Dec 21, 2020

<?php
session_start();

$_SESSION = array();

session_destroy();
header('Location: '.$config['hotelUrl'].'/index');
exit();
?>

BrainCMS Logout Not Working

Lasers

Member

Khalil

IDK

Lasers

Member

Khalil

IDK

Lasers

Member

JayC

Always Learning

Khalil

IDK

Lasers

Member

Khalil

IDK

Lasers

Member

n4te

zzz

Ster

Member

Users who are viewing this thread

Latest posts

Connect with us

Newest members