堆栈内存溢出
  简体   繁体   English

会话注销而不关闭会话

[英]Session logout without closing the session

 原文  2017-02-18 12:58:15       php/ session

问题描述

We have a session logout script like: 我们有一个会话注销脚本,例如: 

<?php
    //24 2 2015
    session_start();
    session_destroy();
    header("location:login.php")
?>

now this script logouts and redirect it to login page where, username and password will be required to login again. 现在,此脚本注销并重定向到登录页面,在该页面上将需要用户名和密码才能再次登录。

what if i wanted to have a temporary logout where after logging out it will direct us to a login page where it will only require password, cause session hasn't been destroyed and username is been passed to that page... 如果我想进行临时注销该怎么办,注销后它将引导我们进入一个仅需输入密码的登录页面,原因是会话没有被破坏并且用户名已传递到该页面...

so, when you enter the password, it will check the input in database table where username = session username. 因此,当您输入密码时,它将检查数据库表中用户名=会话用户名的输入。

Hope i was clear. 希望我很清楚。

The update:: 更新::

templogout.php templogout.php 

<?php
    //24 2 2015
    session_start();
    $_SESSION['temp_logout'] = true;
    header("location:templogin.php")
?>

templogin.php templogin.php 

<?php
    //24 2 2015
    session_start();
?>
<form id="msform" action="templogincheck.php" method="post">
  <fieldset>
      <input type="password" name="password" placeholder="Enter password here" required />
    <button type="submit" name="submit" class="submit action-button"> LogIn </button>
</form>

templogincheck.php templogincheck.php 

<?php
    //15 2 2015
    session_start();

    $Cser =mysqli_connect("localhost","text","text","text") or die("Server connection failed : ".mysqli_error($Cser));

    $password = md5($_REQUEST["password"]);
    $mobile = $_SESSION['mobile'];

    $s = "select * from users where password = '".$password."' and mobile = '".$mobile."'";
    $result = mysqli_query($Cser,$s);
    $count = mysqli_num_rows($result);
    if($count>0)
    {
        $_SESSION["mobile"] = $mobile;
        $_SESSION["login"]="1";
        header("location:/index.php");
    }
    else
    {
     header("location:/templogin.php");   
  }
?>

index.php index.php 

<?php 
    //15 2 2015
    session_start();
        unset($_SESSION["temp_logout"]);
    if(!isset($_SESSION["login"]))
        header("location:login.php");
?>

I hope i did it right, but i have to presume i have something wrong cause it isn't working.. 我希望我做对了,但是我必须假定我做错了什么,因为它不起作用。

Am i passing the session mobile to the login check page? 我是否可以将会话移动设备传递到登录检查页面?

user first login page: 用户第一个登录页面: 

<form id="msform" action="ulogincheck.php" method="post">
  <fieldset>
    <h2 class="fs-title">LogIn</h2>
    <h3 class="fs-subtitle">Please Enter your details accordingly<br/><br/> <small>(case sensitive)</small></h3>
      <input type="text" name="email" placeholder="Email" required />
      <input type="text" name="mobile" placeholder="Mobile" required />
      <input type="password" name="password" placeholder="Password" required />
    <button type="submit" name="submit" class="submit action-button"> LogIn </button>
</form>

first logincheck page 第一个登录检查页面 

session_start();
$email = $_REQUEST["email"];
    $mobile = $_REQUEST["mobile"];
    $password = md5($_REQUEST["password"]);


    $s = "select * from users where email='".$email."' and password = '".$password."' and mobile = '".$mobile."'";

    $result = mysqli_query($Cser,$s);

    $count = mysqli_num_rows($result);

    if($count>0)
    {
        $_SESSION["email"] = $email; 
        $_SESSION["mobile"] = $mobile;
        $_SESSION["login"]="1";
        header("location:/index2.php");
    }
    else
    {
           header("location:/usersignin.php");

2 个解决方案

解决方案1
 1 已采纳  2017-02-18 13:10:33

You could add a "temp_logout" field to the $_SESSION variable and when you redirect the user to the login page, you can check for it $_SESSION["temp_logout"] and if it is true, add the username in the input field. 您可以在$_SESSION变量中添加一个"temp_logout"字段,当您将用户重定向到登录页面时,可以检查它是否为$_SESSION["temp_logout"] ;如果为true,则在输入字段中添加用户名。

logout script: 注销脚本: 

<?php
    //24 2 2015
    session_start();
    $_SESSION['temp_logout'] = true;
    header("location:login.php")
?>

login page: 登录页面: 

session_start()
...
//where the "username" input is
<input name="username" <?php if(isset($_SESSION["temp_logout"]){
    echo 'value="'.$_SESSION["username"] .'" ';
} ?> />
...

after a successfull login: 成功登录后: 

<?php
    session_start();
    unset($_SESSION["temp_logout"]);
?>

Also, anywhere on the site, don't forget to check if the user is temporarily logged out; 另外,在网站上的任何地方,请不要忘记检查用户是否暂时注销。 then immediatelly redirect him to the login page 然后立即将他重定向到登录页面

解决方案2
 0  2017-02-18 13:05:30

it is really depend on your platform: You can only unset something like password instead of destroying session, 这实际上取决于您的平台:您只能取消设置password而不能破坏会话, 

unset($_SESSION['password']);

or set another key in session: 或在会话中设置另一个密钥: 

$_SESSION['loggedIn'] = false;

and redirect to login page. 并重定向到登录页面。

also you can put username in cookie and destroy session. 您也可以将用户名放在Cookie中并销毁会话。

setcookie setcookie

If you want to store username in cookie it is better to encrypt it for security reasons. 如果要将用户名存储在cookie中,出于安全原因,最好对其进行加密。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法注销PHP中的会话 - Unable to logout session in PHP 在 php 中注销和重定向会话 - logout and redirecting session in php Laravel 5 注销或会话销毁 - Laravel 5 logout or session destroy 注销问题/会话未销毁 - Logout problem /session not destroyed 意外的会话注销php - Unexpected session logout php 会话退出问题在codeigniter - session logout issue in codeigniter 注销Laravel上的Flash会话 - Flash session on logout Laravel 注销后的会话问题 - Session problem after logout 会话注销按钮引导程序 - session logout button bootstrap 会话中PHP中的注销问题 - logout problem in PHP with session
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM