[英]Redirecting if Login Session Expires in php
我正在嘗試在會話時間到期時注銷。 我使用以下代碼:
home.php
session_start();
require_once 'class.user.php';
$user_home = new USER();
if($user_home->isLoginSessionExpired()) {
header("Location:logout.php?session_expired=1");
}
if(!$user_home->is_logged_in())
{
$user_home->redirect($web);
}
class.user.php
public function isLoginSessionExpired() {
$login_session_duration = 10;
$current_time = time();
if(isset($_SESSION['loggedin_time']) and isset($_SESSION["userSession"])){
if(((time() - $_SESSION['loggedin_time']) > $login_session_duration)){
return true;
}
}
return false;
}
public function is_logged_in()
{
if(isset($_SESSION['userSession']))
{
return true;
}
}public function logout()
{
session_destroy();
$_SESSION['userSession'] = false;
}public function login($uname,$upass)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM tbl_users WHERE userName=:username");
$stmt->execute(array(":username"=>$uname));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['userStatus']=="Y")
{
if($userRow['userPass']==md5($upass))
{
$_SESSION['userSession'] = $userRow['userID'];
$_SESSION['user_name'] = $userRow['userName'];
return true;
}
else
{
header("Location: index.php?error");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
logout.php
<?php
session_start();
require_once 'class.user.php';
$user = new USER();
if(!$user->is_logged_in())
{
$user->redirect($web);
}
if($user->is_logged_in()!="")
{
$user->logout();
$user->redirect($web);
}
$url = $web;
if(isset($_GET["session_expired"])) {
$url .= "?session_expired=" . $_GET["session_expired"];
}
header("Location:$url");
?>
的login.php
<?php
session_start();
require_once 'class.user.php';
$user_login = new USER();
if($user_login->is_logged_in()!="")
{
$user_login->redirect($web.$_SESSION['user_name']);
}
if(isset($_POST['btn-login']))
{
$uname = trim($_POST['txtuname']);
$upass = trim($_POST['txtupass']);
if($user_login->login($uname,$upass))
{
$user_login->redirect($uname);
}
}
?>
但是我的代碼不起作用! 如何解決我的問題?
User
的logout()
方法中的問題。
因為如果您這樣做$_SESSION['userSession'] = false;
isset($_SESSION["userSession"])
仍然會為您提供true
。 所以在class.user.php中,它應該是:
public function logout(){
session_destroy();
unset($_SESSION['userSession']);
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.