stackoom
  简体   繁体   中英

Log in log out session php

 原文  2015-10-21 11:27:29       php/ session

Question

I have here the code of my login and logout can you guys check if the session I placed is correct?

Login code :

<?php
session_start();

header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Content-Type: text/html');

$connection = mysql_connect("localhost", "root", "");
$db = mysql_select_db("store_data", $connection);

if(isset($_POST['login'])){
    $admin=$_POST['user'];
    $pass=$_POST['pass'];
    $select_user = mysql_query("SELECT admin_name FROM admin");
    $select_pass = mysql_query("SELECT admin_pass FROM admin");
    $result_1 = mysql_fetch_assoc($select_user);
    $result_2 = mysql_fetch_assoc($select_pass);

    if($admin !=$result_1['admin_name'] || $pass!=$result_2['admin_pass']){
        echo "<script >alert('Invalid password or username')</script>";
        header("refresh:0; url=administrator.php" );
    }

Logout code :

<?php

session_destroy();
header("Location: administrator.php");

?>

2 answers

solution1
 0  2015-10-21 11:30:01

Before session_destroy you need session_start

<?php    
session_start();
session_destroy();
header("Location: administrator.php");
?>

solution2
 0  2015-10-21 11:35:17

Errors

  1. session_start() missing in logout
  2. You not check $admin and $pass value in your query
  3. Your Argument is wrong in the set session
  4. And you not setting any session to destroy it
  5. Don't use MySQL Function Its depreciated now

In logout

<?php
    session_start(); //add this
    session_destroy();
    header("Location: administrator.php");
?>

In login

<?php

    session_start();

    header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");
    header('Content-Type: text/html');

    $connection = mysql_connect("localhost", "root", "");
    $db = mysql_select_db("store_data", $connection);

    if(isset($_POST['login']))
    {
        $admin=$_POST['user'];
        $pass=$_POST['pass'];

        $query = mysql_query("SELECT * FROM admin where admin_name='$admin' AND admin_pass = '$pass' ");

        $result = mysql_fetch_assoc($query);
        $count = count($result);

        if(!empty($count))
        {
            $_SESSION["admin_name"] = $admin;
            header("refresh:0; url=administrator.php" );
        }
        else
        {
            echo "Invalid User";
        }
    }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to destroy php session without log out Cant log out of cookie/session PHP Log out user from php session PHP Session Destroy on Log Out Button use php to display log in and log out link according to active session Created a Log In and Log out Session with php but i am having trouble with the Log out php observer pattern to log user out when session times out PHP log in with session creation php log in with session display PHP Session issue? Log-out, and Log-back-in; Session completely wiped
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM