我的web应用程序由2个页面组成(登录页面、主页)
如果用户以前没有登录,我想阻止用户查看主页,所以我做了以下操作:
在主页中,我检查登录身份验证中设置的用户名会话
session_start();
if (!isset($_SESSION['LOGIN_STATUS'])||$_SESSION['LOGIN_STATUS']!=true) {
header('Location:login.php?lang=en');
exit();
}
现在:当我打开主页时,我重定向到登录屏幕,这是正确的,但当我登录然后注销,然后尝试再次登录时,我也重定向到登录页面,无法再次登录
注销时:
session_start();
unset($_SESSION['username']);
$lang=$_SESSION['lang'];
unset($_SESSION['lang']);
session_unset();
if(session_destroy()){
header("Location: login.php?lang=$lang");
exit;
}
java脚本登录代码:
$(function () {
var form = $('#main form'),
arrow = $('#main .arrow');
$('#main .row input').val('');
function submitLogin(enteredUsername, enteredPassword) {
$.ajax({
url: './webService/CheckLogin.php',
type: 'post',
data: {username: enteredUsername, password: enteredPassword},
cache: false,
success: function (resp) {
if (resp.toString() === "true") {
window.location = 'Main.php';
} else {
// fail code here.
alert("Login Failed");
}
}
});
}
// Handle form submissions
form.on('submit', function (e) {
var user = document.getElementById("username").value;
var pass = document.getElementById("password").value;
submitLogin(user, pass);
});
});
检查Login.php
require("./DbConnection.php");
session_start();
if(isset($_POST['username']) && !empty($_POST['username'])){
$username = ($_POST['username']);
}
if(isset($_POST['password']) && !empty($_POST['password'])){
$password = ($_POST['password']);
}
AuthenticateUser($username, $password);
function AuthenticateUser($username, $password) {
$conn = OpenConnection();
$tsql = "select userName,Password from Users ";
$stmt = sqlsrv_query($conn, $tsql);
if ($stmt === false) {
echo "Error in executing query.</br>";
die(print_r(sqlsrv_errors(), true));
}
while ($row = sqlsrv_fetch_array($stmt)) {
if ($username == $row[0] && $password == $row[1]) {
$res = 'true';
$_SESSION['LOGIN_STATUS']=true;
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
break;
} else {
$res = 'FALSE';
}
}
CloseConnection($stmt, $conn);
echo $res;
}
简单。不要在登录屏幕上显示会话。