我的会话会检查用户是否已登录,但当我刷新页面时,会话测试会再次运行并开始执行代码,然后每次都会将+1添加到成员在线计数器中。我希望我的代码像下面这样检查会话是否为真,但如果我刷新页面或导航到另一个页面,则不检查。(每次登录仅一次)这怎么可能?
PS MY代码不安全我的代码不在任何实时环境中,稍后将应用安全性以防止sql注入。
include('..'db.php');
$con = mysqli_connect($dbsrvname, $dbusername, $dbpassword, $dbname);
$guest_timeout = time() -1 * 60;
$member_timeout = time() -2 * 60;
$guest_ip = $_SERVER['REMOTE_ADDR'];
$time = time()
// This session check adds +1 to my member online counter when page is reloaded
if(isset($_SESSION['CurrentUser'])){
//if user is logged
$sqlt = mysqli_query($con,"DELETE * FROM active_guests WHERE guest_ip='".$guest_ip."'");
$sqlt2 = mysqli_query($con,"REPLACE INTO active_members VALUES ('".$_SESSION['CurrentUser']."','".$time."')");
}else{
//if user not logged
$sqlt3 = mysqli_query($con,"REPLACE INTO active_guest (guest_ip,time_visited)VALUES ('".$guest_ip."','".$time."')");
}
$sqlt4 = mysqli_query($con,"DELETE * FROM active_guest WHERE time_visited < ".$guest_timeout);
$sqlt5 = mysqli_query($con,"DELETE * FROM active_members WHERE time_visited < ".$member_timeout);
$sqlt6 = mysqli_query($con,"SELECT guest_ip FROM active_guests");
$online_guests = mysqli_num_rows($sqlt6);
$sqlt7 = mysqli_query($con,"SELECT username FROM active_members");
$online_members = mysqli_num_rows($sqlt7);
?>
<div class="container">
<p>online Guests : <?php echo $online_guests ; ?></p>
<p>online Members : <?php echo $online_members ; ?></p>
</div>
您需要username列上的唯一索引,以便REPLACE将替换而不是插入重复的行。
ALTER TABLE active_members ADD UNIQUE INDEX (username);
您可能还需要在active_guests的guest_ip列上有一个唯一的索引,尽管可能有多个用户来自同一个IP。