Redirecting if Login Session Expires in php

I am trying to log out when session time expires. I used this code:

home.php

session_start();
require_once 'class.user.php';
$user_home = new USER();
if($user_home->isLoginSessionExpired()) {
    header("Location:logout.php?session_expired=1");
}
if(!$user_home->is_logged_in())
{
    $user_home->redirect($web);
}

class.user.php

public function isLoginSessionExpired() {
    $login_session_duration = 10; 
    $current_time = time(); 
    if(isset($_SESSION['loggedin_time']) and isset($_SESSION["userSession"])){  
        if(((time() - $_SESSION['loggedin_time']) > $login_session_duration)){ 
            return true; 
        } 
    }
    return false;
}

public function is_logged_in()
{
    if(isset($_SESSION['userSession']))
    {
        return true;
    }
}

public function logout()
{
    session_destroy();
    $_SESSION['userSession'] = false;
}

public function login($uname,$upass)
{
    try
    {
        $stmt = $this->conn->prepare("SELECT * FROM tbl_users WHERE userName=:username");
        $stmt->execute(array(":username"=>$uname));
        $userRow=$stmt->fetch(PDO::FETCH_ASSOC);

        if($stmt->rowCount() == 1)
        {
            if($userRow['userStatus']=="Y")
            {
                if($userRow['userPass']==md5($upass))
                {
                    $_SESSION['userSession'] = $userRow['userID'];
                    $_SESSION['user_name'] = $userRow['userName'];
                    return true;
                }
                else
                {
                    header("Location: index.php?error");
                    exit;
                }
            }
            else
            {
                header("Location: index.php?inactive");
                exit;
            }   
        }
        else
        {
            header("Location: index.php?error");
            exit;
        }       
    }
    catch(PDOException $ex)
    {
        echo $ex->getMessage();
    }
}

logout.php

<?php
session_start();
require_once 'class.user.php';
$user = new USER();

if(!$user->is_logged_in())
{
    $user->redirect($web);
}

if($user->is_logged_in()!="")
{
    $user->logout();    
    $user->redirect($web);
}
$url = $web;
if(isset($_GET["session_expired"])) {
    $url .= "?session_expired=" . $_GET["session_expired"];
}
header("Location:$url");
?>

login.php

<?php
session_start();
require_once 'class.user.php';
$user_login = new USER();

if($user_login->is_logged_in()!="")
{
    $user_login->redirect($web.$_SESSION['user_name']);
}

if(isset($_POST['btn-login']))
{
    $uname = trim($_POST['txtuname']);
    $upass = trim($_POST['txtupass']);

    if($user_login->login($uname,$upass))
    {
        $user_login->redirect($uname);
    }
}
?>

But my code is not working! How can I sort out my problem?

The problem is in User's logout() method.

Since if you do $_SESSION['userSession'] = false; the isset($_SESSION["userSession"]) will still give you true. So in class.user.php it should be:

public function logout(){
    session_destroy();
    unset($_SESSION['userSession']);
}
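
An added example, not part of the original answer or the question's code: one way to record the login timestamp that the expiry check reads, test for expiry, and log out so that isset($_SESSION['userSession']) is false afterwards. The function names, the standalone-function layout and the redirect target login.php are assumptions made for illustration.

```php
<?php
// Added example with hypothetical helper names; not the asker's USER class.
const LOGIN_SESSION_DURATION = 10; // seconds, same value as in the question

// Call after the password check has succeeded (session already started).
function mark_logged_in(int $userId, string $userName): void {
    session_regenerate_id(true);           // issue a fresh session id at login
    $_SESSION['userSession']   = $userId;
    $_SESSION['user_name']     = $userName;
    $_SESSION['loggedin_time'] = time();   // the expiry check depends on this key
}

function is_logged_in(): bool {
    // isset() is true for any non-null value, including false
    return isset($_SESSION['userSession']);
}

function is_login_session_expired(): bool {
    return is_logged_in()
        && isset($_SESSION['loggedin_time'])
        && (time() - $_SESSION['loggedin_time']) > LOGIN_SESSION_DURATION;
}

function logout(): void {
    $_SESSION = [];                        // remove every key for this request
    if (ini_get('session.use_cookies')) {  // expire the session cookie as well
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
                  $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();                     // delete the server-side session data
}

// Guard at the top of a protected page such as home.php
session_start();
if (is_login_session_expired()) {
    logout();
    header('Location: login.php?session_expired=1');
    exit;   // header() does not stop the script; exit keeps the page from rendering
}
if (!is_logged_in()) {
    header('Location: login.php');
    exit;
}
```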
