[英]Confusing the session codeigniter function, the page logout() function doesn't work
我已經在這篇文章https://www.malasngoding.com/membuat-login-dengan-code中嘗試了 codeigniter session
<?php
// Stop immediately when BASEPATH is not defined, i.e. when this file is
// requested directly instead of being loaded through the framework's front controller.
defined('BASEPATH') OR exit('No direct script access allowed');
/**
* User controller: login handling (action_login), the post-login info page
* (homeinfouser) and logout.
*
* NOTE(review): no method in this class verifies the session before doing its
* work, so homeinfouser() is served to any visitor, including one who has
* just logged out.
*/
class User extends CI_Controller
{
/**
* Loads the form and url helpers, the user_model model and the session
* library. No authentication check is performed here.
*/
public function __construct()
{
parent::__construct();
$this->load->helper(array('form', 'url'));
$this->load->model('user_model');
$this->load->library('session');
}
// Login works
/**
* Handles the login form POST.
*
* Reads user_email and user_password from the POST body and asks
* user_model->ceklogintolong() for rows matching the e-mail and the MD5 of
* the password. On a match it stores 'nama' and 'status' in the session and
* redirects to User/homeinfouser; otherwise it echoes an error message.
*
* NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
* storing passwords; password_hash()/password_verify() are the usual
* replacement, which would also require changing the model query and the
* stored values.
* NOTE(review): this method does not regenerate the session ID after a
* successful login - confirm whether the session configuration covers that.
*/
function action_login()
{
$user_email = $this->input->post('user_email');
$user_password = $this->input->post('user_password');
// WHERE conditions handed to the model: e-mail plus MD5 digest of the password.
$wheredatasession = array(
'user_email' => $user_email,
'user_password' => md5($user_password)
);
// Number of rows that match the submitted credentials.
$cek = $this->user_model->ceklogintolong($wheredatasession)->num_rows();
if ($cek > 0) {
// 'status' is the marker that later code can test to see whether a user is logged in.
$data_session = array(
'nama' => $user_email,
'status' => "login"
);
$this->session->set_userdata($data_session);
// $this->session->set_userdata($data_session);
// echo "Berhasil";
// print_r($where);
redirect('User/homeinfouser');
} else {
// Failure message shown for a wrong password or user name.
echo "Pass uname salah";
// print_r($where);
}
}
// Login redirecting to the home info page works: http://localhost/webcismppgri/User/homeinfouser
/**
* Renders the info page: header, sidebar, page_informasi (fed with the
* result of user_model->getinfo() under the key 'print') and footer.
*
* NOTE(review): there is no session check here, so the page is rendered
* whether or not 'status' is present in the session.
*/
function homeinfouser()
{
// echo "OK Tolong";
// $hasil['print'] = $this->user_model->getinfo();
$hasil['print'] = $this->user_model->getinfo();
// print_r($hasil);
// $judul_user['juduldashboard'] = "Dashboard User";
$this->load->view('templates/sbadmin/header');
// $this->load->view('templates/dashboard/index',$judul_user);
// $this->load->view('templates/dashboard/page _informasi', $judul_user);
$this->load->view('templates/sbadmin/sidebar');
$this->load->view('templates/dashboard/page_informasi', $hasil);
// $this->load->view('templates/sbadmin/footer');
$this->load->view('templates/sbadmin/footer');
// var_dump($hasilview);
// $this->load->view('templates/dashboard/indextesdata',$hasil);
}
// Logout function
/**
* Destroys the session and redirects to the Landing controller using the
* 'refresh' redirect method.
*
* NOTE(review): destroying the session only affects later requests that
* actually check it; it does not by itself protect the other methods.
*/
function logout()
{
$this->session->sess_destroy();
redirect('Landing', 'refresh');
}
}
嘗試點擊導航回到chrome瀏覽器頁面(右箭頭導航或前進),仍然可以用之前訪問的頁面打開,即使我提供了以下代碼
// Logout function
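function logout()
{
    // End the server-side session, then send the browser to the Landing controller.
    // This affects only requests that check the session afterwards; a method that
    // never looks at the session keeps responding after logout.
    $this->session->sess_destroy();
    redirect('Landing', 'refresh');
}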
In your controller User, whenever a "reserved" function is called (a function that requires the user to be logged in), you need to check that there is an existing session.
在您的示例中,如果您點擊后退按鈕,您將返回 function homeinfouser()
,但由於沒有檢查有效的 session,即使您已注銷,它也會被執行。
只需放置一個小代碼即可檢查 session:
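function homeinfouser()
{
    // Ask the browser not to keep a copy of this page, so the back/forward
    // buttons cause a new request (and a new session check) instead of
    // showing a stored copy after logout.
    $this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
    $this->output->set_header('Pragma: no-cache');

    // no Session, no play: require the exact marker that action_login() stores,
    // not merely the presence of the key.
    if ($this->session->userdata('status') !== 'login') {
        // CodeIgniter's redirect() helper ends the request itself, so no exit() is needed.
        redirect('Landing', 'refresh');
    }
    //... your other code
}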
旁注:使用 md5 作為密碼雜湊是不好的做法:它運算極快且不加鹽,資料庫一旦外洩,密碼很容易被離線還原。PHP 內建的 password_hash() 與 password_verify() 是較合適的選擇。關於密碼雜湊,請閱讀「MD5 作為密碼雜湊函數有多弱?」
正確的寫法如下:
<?php
// Stop immediately when BASEPATH is not defined, i.e. when this file is
// requested directly instead of being loaded through the framework's front controller.
defined('BASEPATH') OR exit('No direct script access allowed');
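/**
 * User controller: login handling (action_login), the post-login info page
 * (homeinfouser) and logout.
 *
 * Every method except those listed in $publicMethods requires a session whose
 * 'status' value is exactly "login"; the check runs in the constructor so a
 * newly added method is protected by default.
 */
class User extends CI_Controller
{
    /**
     * Methods that must stay reachable without a logged-in session.
     * The login handler has to be here: guarding it would redirect every
     * logged-out visitor away before their credentials are checked.
     */
    private $publicMethods = array('action_login');

    /**
     * Loads the helpers, model and session library, then enforces the login
     * requirement for all non-public methods.
     */
    public function __construct()
    {
        parent::__construct();
        $this->load->helper(array('form', 'url'));
        $this->load->model('user_model');
        $this->load->library('session');

        // PHP method names are case-insensitive, so normalise before comparing.
        // Anything not explicitly listed falls through to the guard (fail closed).
        if (in_array(strtolower($this->router->method), $this->publicMethods, true)) {
            return;
        }

        // Keep protected pages out of the browser cache so the back/forward
        // buttons trigger a new request, and therefore this check, after logout.
        $this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
        $this->output->set_header('Pragma: no-cache');

        // Require the exact marker written by action_login(), not just any truthy value.
        if ($this->session->userdata('status') !== 'login') {
            redirect('Landing', 'refresh');
        }
    }

    /**
     * Handles the login form POST.
     *
     * Reads user_email and user_password from the POST body, looks the pair
     * up through user_model->ceklogintolong(), and on a match marks the
     * session as logged in and redirects to User/homeinfouser. On any failure
     * it echoes the same generic message.
     */
    public function action_login()
    {
        $user_email = $this->input->post('user_email');
        $user_password = $this->input->post('user_password');

        // Missing or non-string fields (e.g. array-valued POST parameters) are
        // rejected before they reach md5() or the model.
        if (!is_string($user_email) || $user_email === ''
            || !is_string($user_password) || $user_password === '') {
            echo "Pass uname salah";
            return;
        }

        // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
        // storing passwords. Moving to password_hash()/password_verify() needs
        // the model to fetch the row by e-mail and the stored values to be
        // migrated, so it is flagged here rather than changed.
        $wheredatasession = array(
            'user_email' => $user_email,
            'user_password' => md5($user_password),
        );

        $cek = $this->user_model->ceklogintolong($wheredatasession)->num_rows();
        if ($cek > 0) {
            // Issue a new session ID at the privilege change so an ID known
            // before login cannot be reused afterwards (session fixation).
            $this->session->sess_regenerate(TRUE);
            $this->session->set_userdata(array(
                'nama' => $user_email,
                'status' => "login",
            ));
            redirect('User/homeinfouser');
        } else {
            // Same message for unknown user and wrong password.
            echo "Pass uname salah";
        }
    }

    /**
     * Renders the info page: header, sidebar, page_informasi (fed with the
     * result of user_model->getinfo() under the key 'print') and footer.
     * Only reached with a logged-in session; see the constructor.
     */
    public function homeinfouser()
    {
        $hasil['print'] = $this->user_model->getinfo();

        $this->load->view('templates/sbadmin/header');
        $this->load->view('templates/sbadmin/sidebar');
        $this->load->view('templates/dashboard/page_informasi', $hasil);
        $this->load->view('templates/sbadmin/footer');
    }

    /**
     * Destroys the session and redirects to the Landing controller using the
     * 'refresh' redirect method.
     */
    public function logout()
    {
        $this->session->sess_destroy();
        redirect('Landing', 'refresh');
    }
}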
它根據場景工作,感謝您的參與。