[英]Log out user from php session
當用戶登錄時,我希望他們有一個按鈕可以注銷並重定向到他們所在的頁面,但是,它具有一些附加功能,稱為。 不幸的是,當按下注銷按鈕時,什么也沒有發生。
這是logout.php文件的代碼。
<input type="submit" type="submit" name="submit" value="Log out">
<?php
if (isset($_POST['submit'])){
session_start();
$_SESSION = array();
if (ini_get("session.use_cookies")) {
$yesterday = time() - (24 * 60 * 60); $params = session_get_cookie_params();
setcookie(session_name(), '', $yesterday,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"] );
}
session_destroy();
header('Location: '.$_SERVER['PHP_SELF']);
}
?>
session_start()
繼續會話 $_SESSION['uname']
是否為空...如果為空,則通過調用session_destroy()
銷毀會話 header("/")
// HTML
<a href="logout.php">logout</a>
-要么-
<input type="button" value="Logout" onclick="window.location.href = 'logout.php';">
-要么-
<button onclick="window.location.href = 'logout.php';">Logout</button>
//注銷
<?php
//continue current session
session_start();
//check to see if session variable (uname) is set
//if set destroy the session
if(!empty($_SESSION['uname'])){
session_destroy();
}
//redirect the user to the home page
header("Location: /");
?>
只需將其另存為“ login.php ”並從瀏覽器訪問即可。 UserId是“ user ”,密碼是“ pass ”。
<?php session_start(); ?>
<?php if ( array_key_exists( 'uid', $_SESSION ) ): ?>
<?php /* if $_SESSION['uid'] is set, user is already logged in */ ?>
<?php if ( array_key_exists( 'cmd', $_GET ) && $_GET['cmd']==='logout' ): ?>
<?php
unset( $_SESSION[ 'uid' ] );
unset( $_SESSION[ 'error' ] );
session_destroy();
?>
<h1>See you soon!</h1>
Click
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?r=<?php echo md5(uniqid(rand())); ?>">here</a>
if you don't get redirected automatically within 5 seconds.
<script type="text/javascript">
setTimeout( function() {
location.href = "<?php echo addslashes( $_SERVER['PHP_SELF'] ); ?>?r=<?php echo md5(uniqid(rand())); ?>";
}, 5000 );
</script>
<?php else: ?>
<h1>You are logged in</h1>
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?cmd=logout&r=<?php echo md5(uniqid(rand())); ?>">Log Out</a> |
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?r=<?php echo md5(uniqid(rand())); ?>">Refresh</a>
<?php endif; ?>
<?php else: ?>
<?php /* user is not logged in */ ?>
<?php if ( strtolower($_SERVER['REQUEST_METHOD']) == 'post' ): ?>
<?php
// login (POST) request, let's check if credentials
// are correct
unset( $_SESSION['error'] );
if ( array_key_exists( 'userid', $_POST ) && array_key_exists( 'passwd', $_POST ) )
{
$userid = trim( $_POST['userid'] );
$passwd = trim( $_POST['passwd'] );
if ( $userid === '' )
{
$_SESSION['error'] = 'No userid supplied';
}
elseif ( $passwd === '' )
{
$_SESSION['error'] = 'No password supplied';
}
elseif ( $userid !== 'user' || $passwd !== 'pass' )
{
$_SESSION['error'] = 'Wrong userid or password';
}
else
{
$_SESSION['uid'] = $userid;
// from now on, the user is logged in
}
}
else
{
$_SESSION['error'] = 'Missing userid or password';
}
// redirect the user anyways
// this gets rid of posted data if this was a POST,
// so when user reloads the page it doesn't try to
// re-authenticate
// Can be a different URL if user is logged in
// successfully
header( 'Location: ' . $_SERVER['PHP_SELF'] . '?r=' . md5(uniqid(rand())) );
exit;
?>
<?php else: ?>
<?php /* user not logged in, let's display login form */ ?>
<h1>Log In</h1>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<label for="user-id">User Id</label>
<input type="text" name="userid" id="user-id" />
<label for="user-pwd">Password</label>
<input type="password" name="passwd" id="user-pwd" />
<input type="submit" value="Log In" />
</form>
<?php /* in case any errors occured, show them */ ?>
<?php if ( array_key_exists( 'error', $_SESSION ) && $_SESSION['error'] ): ?>
<div class="error-msg"><?php echo $_SESSION['error']; ?></div>
<?php endif; ?>
<?php endif; ?>
<?php endif; ?>
然后,在您網站的任何其他(PHP)頁面中,可以通過檢查以下內容來限制對經過身份驗證的用戶的訪問:
<?php
if ( array_key_exists( 'uid', $_SESSION ) )
{
/* user is logged in, do whatever */
}
else
{
/* user is NOT logged in, do whatever else */
}
?>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.