我正在制作一个登录系统,我刚刚开始工作,现在我很难为我的网站制作注销功能。它还没有真正托管,所以稍后会提供安全性。我尝试过session_demory和unset的各种用途,但我无法使其发挥作用。如有任何帮助,我们将不胜感激。
我的PHP
<?php
session_start();
/*This is the equivalent of login.php*/
$database = "forum"; // the name of the database.
$server = "localhost"; // server to connect to.
$db_user = "root"; // mysql username to access the database with.
$db_pass = ""; // mysql password to access the database with.
$table = "members"; // the table that this script will set up and use.
$link = mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database,$link);
if (isset($_POST['fsubmitted'])) {
// Get the data passed from the form
$username = $_POST['username'];
$pass = $_POST['pass'];
// Do some basic sanitizing
$username = stripslashes($username);
$pass = stripslashes($pass);
$encryptedpass = md5($pass);
$sql = "SELECT * from members where username = '$username' and password = '$encryptedpass'";
$result = mysql_query($sql);
$count = 0;
$count = mysql_num_rows($result);
if ($count == 1) {
$_SESSION['loggedIn'] = "true";
header("Location: index.php"); // This is wherever you want to redirect the user to
exit();
} else {
$_SESSION['loggedIn'] = "false";
echo '<div class="errormsgbox">Your username and password combo was incorrect!</div>';
var_dump($result);
echo $sql;
}
}
if ($_SESSION['loggedIn'] = "true") {
echo '<div class="success">You are now logged in!</div>';
}
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset(); // unset $_SESSION variable for the run-time
session_destroy(); // destroy session data in storage
}
$_SESSION['loggedin'] = time(); // update last activity time stamp
?>
使用:
session_start();
具有以下任一项:
session_destroy();
session_unset();
unset($_SESSION["loggedin"]);
$_SESSION = array();
我可以在您的代码中看到两个错误:
- 您尚未开始会话
- 您没有告诉代码要取消设置/销毁哪个会话
正在启动会话:
将其作为PHP代码的第一行:session_start();
注销
让我们仔细看看这个代码块:
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset(); // unset $_SESSION variable for the run-time
session_destroy(); // destroy session data in storage
}
您没有告诉代码哪个会话是unset
还是destroy
!
要做到这一点,必须在括号内包含一个会话变量。
试试这个代码:
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset($_SESSION['loggedin']); // unset $_SESSION variable for the run-time
session_destroy($_SESSION['loggedin']); // destroy session data in storage
}
我所做的只是,告诉代码哪个会话到unset
和destroy
更新
如果这对你不太管用,那就试试这个吧。
if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
unset($_SESSION['loggedin']); // unset $_SESSION variable for the run-time
$_SESSION['loggedin'] = "false";
}
另一个值得注意的好东西是有一个注销按钮。这在这里解释:注销按钮php
我希望这能帮助你,如果我能提供进一步的帮助,请告诉我!
在您的脚本中注销某人,只需:
session_start();
unset($_SESSION);
session_destroy();
您还应该在上面显示的login.php中的某个时刻调用session_start()
。
我会尝试使用这个函数:
function logout(){
if(session_id() == '') { // start session if none found
session_start();
}
session_unset();
session_destroy();
unset($_SESSION['loggedIn']);
}
使用这个函数所需要做的就是调用logout();您希望将该人员注销的位置。