我的注销脚本有问题。我试图破坏会话或杀死cookie但它不会消失。
if (!isset($_SESSION['user_id'])) {
if (isset($_POST['submit'])) {
// Connect to the database
$dbc = mysqli_connect(DBHOST, DBUSER, DBPASS, DBNAME);
if ($dbc == null) {
$error_msg = '<br/>EROARE: conexiunea la baza de date a esuat<br/>';
}
$error_msg = 'succes<br/>';
// Grab the user-entered log-in data
$user_username = mysqli_real_escape_string($dbc, trim($_POST['username']));
$user_username = PREG_REPLACE("/[^0-9a-zA-Z.-@_]/i", '', $user_username);
$user_password = mysqli_real_escape_string($dbc, trim($_POST['password']));
$user_password = PREG_REPLACE("/[^0-9a-zA-Z]/i", '', $user_password);
if (!empty($user_username) && !empty($user_password))
{
$query = "SELECT * FROM Admin WHERE username = '$user_username' AND password = SHA('$user_password')";
$data = mysqli_query($dbc, $query);
if (mysqli_num_rows($data) == 1) {
// The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
$row = mysqli_fetch_array($data);
$_SESSION['admin_id'] = $row['id_client'];
$_SESSION['admin'] = $row['username'];
setcookie('id_admin', $row['id_admin'], time() + (60 * 60 * 24 * 2)); // expires in 30 days
$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/admin/index.php?admin='.$row['id_admin'].'&cat=index';
header('Location: ' . $home_url);
//==================LOGGING THE INFORMATION
$fp = @fopen ($jurnal, "a");
if ($fp == NULL) {
echo 'EROARE - nu a fost posibila deschiderea fisierului jurnal!';
exit();
}
//exclusive lock
lock ($fp);
//Writing information into the index_upload file
$submitdate = date('l jS \of F Y h:i:s A');
$utilizator = $_SESSION['username'];
$adresa = $_SERVER['REMOTE_ADDR'];
fwrite ($fp, "========================================\r\n");
fwrite ($fp, "LOGIN OK\r\n");
fwrite ($fp, "Utilizator: $utilizator\r\n");
fwrite ($fp, "Conexiune de la adresa IP: $adresa\r\n");
fwrite ($fp, "Data: $submitdate\r\n");
fwrite ($fp, "\r\n");
// Unlock the file, this is the same as flock($fp, LOCK_UN);
unlock ($fp);
@fclose ($fp);
/////////////////////////////////////////////////////////////////////////////
}
else {
}
}
else {
// The username/password are incorrect so set an error message
$error_msg = 'EROARE: pentru autentificare aveti nevoie de un nume de utilizator si o parola valide!';
}
}
else {
// The username/password weren't entered so set an error message
$error_msg = 'EROARE: pentru a va putea autentifica in sistem, va rugam introduceti un nume de utilizator si o parola!';
}
}
我试过这个:
<?
session_start();
session_unset();
session_destroy();
header("location:home.php");
exit();
?>
和此:
<?php
setcookie('id_admin', '', time()-60*60*24*2);
?>
答案 0 :(得分:0)
根据PHP手册session_destroy(),以下代码应该销毁$ _SESSION:
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>