如何在php中注销用户？

Question

我正在创建一个登录系统，但是我只能使它正常工作，现在我很难为我的网站设置注销功能。 它尚未真正托管，因此安全性将在以后发布。 我已经尝试了session_destroy和unset的各种用法，但是我无法使其正常工作。 任何帮助，将不胜感激。

我的PHP

<?php
session_start();
/*This is the equivalent of login.php*/
$database = "forum";  // the name of the database.
$server = "localhost";  // server to connect to.
$db_user = "root";  // mysql username to access the database with.
$db_pass = "";  // mysql password to access the database with.
$table = "members";    // the table that this script will set up and use.
$link = mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database,$link);

if (isset($_POST['fsubmitted'])) {
// Get the data passed from the form
$username = $_POST['username'];
$pass = $_POST['pass'];

// Do some basic sanitizing
$username = stripslashes($username);
$pass = stripslashes($pass);
$encryptedpass = md5($pass);

$sql = "SELECT * from members where username = '$username' and password = '$encryptedpass'";
$result = mysql_query($sql);


$count = 0;

$count = mysql_num_rows($result);

if ($count == 1) {
     $_SESSION['loggedIn'] = "true";
    header("Location: index.php"); // This is wherever you want to redirect the user to
    exit();

} else {
     $_SESSION['loggedIn'] = "false";
     echo '<div class="errormsgbox">Your username and password combo was incorrect!</div>';
     var_dump($result);
    echo $sql;
}
}

if ($_SESSION['loggedIn'] = "true") {
    echo '<div class="success">You are now logged in!</div>';
}

if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
    // last request was more than 30 minutes ago
    session_unset();     // unset $_SESSION variable for the run-time 
    session_destroy();   // destroy session data in storage
}
$_SESSION['loggedin'] = time(); // update last activity time stamp

?>

Answer 1

采用：

session_start();

具有以下任一条件：

session_destroy();
session_unset();
unset($_SESSION["loggedin"]);
$_SESSION = array();

Answer 2

我可以在您的代码中看到两个错误：

• 您尚未开始会话
• 您尚未告诉代码要取消/销毁哪个会话

开始会议：

将其作为您的PHP代码的第一行： session_start();

注销

让我们仔细看一下这段代码：

if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
    // last request was more than 30 minutes ago
    session_unset();     // unset $_SESSION variable for the run-time 
    session_destroy();   // destroy session data in storage
}

您尚未告诉代码要unset或destroy哪个会话！

为此，必须在括号内包括一个会话变量。

试试这个代码：

if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
session_unset($_SESSION['loggedin']);     // unset $_SESSION variable for the run-time 
session_destroy($_SESSION['loggedin']);   // destroy session data in storage
} 

我所做的只是告诉代码要unset和destroy哪个会话

更新
如果那不适合您，请尝试此操作。

if (isset($_SESSION['loggedin']) && (time() - $_SESSION['loggedin'] > 1800)) {
// last request was more than 30 minutes ago
unset($_SESSION['loggedin']);     // unset $_SESSION variable for the run-time 
$_SESSION['loggedin'] = "false";
} 

要查看的另一件好事是具有注销按钮。 此处说明： 注销按钮php

希望这对您有所帮助，如果可以进一步帮助，请告诉我！

Answer 3

在脚本中注销某人时，只需执行以下操作：

session_start();
unset($_SESSION);
session_destroy();

您还应该在上面显示的login.php中的某个时刻调用session_start() 。

Answer 4

我会尝试使用此功能：

function logout(){
    if(session_id() == '') { // start session if none found
        session_start();
    }

    session_unset();         
    session_destroy();
    unset($_SESSION['loggedIn']);
}

使用此功能所需要做的只是调用logout（）;。 您想让此人登出的位置。