session_start() 在 Connect 中调用.php但出于安全原因未包含在此处
我在会话未取消设置或销毁时遇到问题
我有一个注销.php我在其中处理注销,它看起来像这样
<?
if(isset($_POST['logout'])){
session_start();
session_unset();
session_destroy();
header("Location: index.php");
}
?>
然后,我在导航中调用此代码,该代码工作正常,但是一旦我登录并尝试注销,导航应该消失并且应该显示表单,但导航是这里唯一显示的是该脚本
<nav>
<?
if(isset($_SESSION['user'])){
include("server/constants/nav.php");
} else{?>
<div class="form">
<input type="button" id="displayLoginForm" onclick="showLogin()" value="Login">
<input type="button" id="displayRegisterForm" onclick="showRegister()" value="Register">
<div id="loginSection" style="display:none">
<? include("server/display/LoginForm.php") ?>
</div>
<div id="registerSection" style="display:none">
<? include("server/display/RegisterForm.php") ?>
</div>
</div>
<? } ?>
</nav>
其他相关脚本
句柄登录.php
<?
if(isset($_POST['Login'])){
$user = $_POST['username'];
$pass = $_POST['password'];
$sql = "SELECT * FROM energywise WHERE username='$user'";
$query = mysql_query($sql);
$row = mysql_fetch_object($query);
$id = htmlspecialchars($row->id);
$firstName = htmlspecialchars($row->firstname);
$lastName = htmlspecialchars($row->lastname);
$username = htmlspecialchars($row->username);
$password = htmlspecialchars($row->password);
$mail = htmlspecialchars($row->email);
if(empty($id)){
echo 'Account does not exist';
} elseif($pass != $password){
echo 'Passwords do not match';
} else{
$_SESSION['user'] = $id;
header("Location: index.php");
}
}
?>
导航.php
<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
<link rel="stylesheet" href="css/navigation.css">
<script src="js/nav.js"></script>
<div id='cssmenu'>
<ul>
<li class='active'><a href='index.php'>Home</a></li>
<li><a href='calender.php'>Calender</a></li>
<li><a href='locations.php'>Locations</a></li>
<li><a href='#'>Placeholder</a></li>
<form method="post">
<li><input type="submit" name="logout" value="Logout"></li>
</form>
</ul>
好吧,我不知道,但是您是否测试了logout.php
是否正在被访问?我想念表格上的action="logout.php"
:
<form action="logout.php" method="post">
<li><input type="submit" name="logout" value="Logout"></li>
</form>