[英]logout script works on localhost but not on my hosted server
The weirdest thing is happening, when I logout of my app it redirects me to the correct page, so the script runs. 最奇怪的事情正在发生,当我注销我的应用程序时,它会将我重定向到正确的页面,因此脚本将运行。 However when I randomly type in a page that I should not have access to since my sessions and cookies have been destroyed I have access to it, this only happens on my hosted server, on local host it works fine, has anyone run into this before? 但是,当我随机输入一个页面,因为我的会话和cookie被销毁后,我无法访问该页面时,我才可以访问该页面,这种情况仅发生在托管服务器上,在本地主机上工作正常,之前有人遇到过这种情况?
The start sessions script 启动会话脚本
<?php
session_start();
// If the session vars aren't set, try to set them with a cookie
if (!isset($_SESSION['user_id'])) {
if (isset($_COOKIE['user_id']) && isset($_COOKIE['user_email'])) {
$_SESSION['user_id'] = $_COOKIE['user_id'];
$_SESSION['user_email'] = $_COOKIE['user_email'];
$_SESSION['lawyer_client'] = $_COOKIE['lawyer_client'];
}
}
?>
The log out script 注销脚本
<?php
// If the user is logged in, delete the session vars to log them out
session_start();
if (isset($_SESSION['user_id'])) {
// Delete the session vars by clearing the $_SESSION array
$_SESSION = array();
// Delete the session cookie by setting its expiration to an hour ago (3600)
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 7600);
}
// Destroy the session
session_unset();
session_destroy();
// Delete the user ID and username cookies by setting their expirations to an hour ago (3600)
setcookie('user_id', '', time() - 7600);
setcookie('user_email', '', time() - 7600);
setcookie('lawyer_client', '', time() - 7600);
// Redirect to the home page
$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
header('Location: ' . $home_url);}
?>
I am checking to see if the session is set using this script 我正在检查是否使用此脚本设置了会话
require_once('startsession.php');
if (!isset($_SESSION['user_id'])) {
echo '<p class="login">Please <a href="main_login.php">log in</a> to access this page.</p>';
exit();
}
So after looking at what I just put down my first guess would be that my logout script is not properly clearing my sessions...but why is it only not doing it on my shared host? 因此,在查看了我刚刚做出的第一个猜测之后,我的注销脚本没有正确清除会话...但是为什么只在共享主机上不这样做呢?
In some shared hosts you will have to include the sessions directory in order to work. 在某些共享主机中,您必须包括会话目录才能工作。 Are you sure that the sessions are correctly initialized? 您确定会话已正确初始化吗?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.