代码点火器中的注销问题(PHP)
[英]logout issue in code igniter (PHP)
问题描述
I am storing loginuserid in session and destroy session on logout . 
我在会话中存储loginuserid并在注销时销毁会话。 login and logout work fine but my problem is when user logout and we press back button it still able to open visited page and even when he is actualy loged out . 登录和注销工作正常,但我的问题是当用户注销时,我们按下后退按钮它仍然能够打开访问过的页面,甚至当他被执行时。
User go to login page when we refresh the page . 用户在刷新页面时进入登录页面。 I want user not go to visited page even he press back button . 我希望用户即使按下后退按钮也不会去访问过的页面。 Please help me out . 请帮帮我。 Thanks in Advance . 提前致谢 。
3 个解决方案
解决方案1
3 2012-10-26 18:43:03
This is actually because of the browser caching - you should disable this and use CodeIgniters Cache Library if any caching is needed. 这实际上是因为浏览器缓存 - 如果需要任何缓存,您应该禁用它并使用CodeIgniters缓存库 。
Add the following to the pages where users are required to be logged in: 将以下内容添加到需要用户登录的页面中:
//Prevent browsers from using history to browse in the user system.
$this->CI->output->set_header("Cache-Control: no-store, no-cache, must-revalidate");
$this->CI->output->set_header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
$this->CI->output->set_header("Pragma: no-cache");
When pressing back in the browser the page will be refreshed, 在浏览器中按回时,页面将刷新,
解决方案2
2 2012-10-26 18:52:09
The reason the page shows is that the browser is bringing it from the cache. 页面显示的原因是浏览器从缓存中引入它。 To indicate the browser that it should not show your page from the cache you could add the no-cache meta tag inside the <head> of every secure page of your app: 要指示浏览器不应该从缓存中显示您的页面,您可以在应用的每个安全页面的<head>中添加no-cache元标记:
<meta http-equiv="Cache-Control" content="no-cache" />
Another alternative (a little convoluted) if you don't want to avoid caching, is to have javascript make an AJAX call to the server checking if the user is logged-in every time you open a secure page. 如果您不想避免缓存,另一种选择(有点复杂)是让javascript向服务器发出AJAX调用,检查用户是否每次打开安全页面时都已登录。 Something like this: 像这样的东西:
$.getJSON('/user_logged_in.php', function(loggedIn) {
if(!loggedIn)
window.location.href = '/login.php';
});
The user_logged_in.php script should return TRUE or FALSE. user_logged_in.php脚本应返回TRUE或FALSE。
Hope this helps. 希望这可以帮助。
解决方案3
0 2016-04-03 22:30:20
There are two problems: 有两个问题:
The first problem is even if you are clearing your session, the page is accessed by cache stored. 第一个问题是,即使您正在清除会话,页面也会被存储的缓存访问。
So you have to clear cache or don't save cache. 所以你必须清除缓存或不保存缓存。 For that right below code in your __construct function. 对于__construct函数中的代码下面的代码。
$this->output->set_header('Last-Modified:'.gmdate('D, d M Y H:i:s').'GMT');
$this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate');
$this->output->set_header('Cache-Control: post-check=0, pre-check=0',false);
$this->output->set_header('Pragma: no-cache');
After doing this step even if you are going to previous page, where you are redirecting after login, then 执行此步骤后即使您要转到上一页,您在登录后重定向,然后
You can check on that authenticated page if the user has been logged in or not.If he is not logged in he will not ab;e to go on that page. 如果用户已经登录,您可以检查该经过身份验证的页面。如果他没有登录,他将无法继续访问该页面。
Example: 例:
public function after_log_in()
{
if(!empty($SESSION['username'] && $SESSION['os_logged_in'] == true))
{
$this->load->view('clienview');
}
else
{
echo "You are not logged in!";
}
}
So, after log out when you will press the back button it will check whether the user is logged in or not. 因此,在您退出后按后退按钮时,它将检查用户是否已登录。 If you are not logged in, it will show error to you. 如果您尚未登录,则会向您显示错误。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.