不同/单独的会话前端和后端

时间:2013-04-11 05:16:55

标签: php session login frontend backend

首先,我的英语不太好。

嗨,我的项目有问题

我创建了一个网站,允许您从前端(作为成员)和管理员登录。 我使用不同的用户名和密码登录到(前端和后端)但是一旦我从后端注销,前端也会注销。

我认为这是因为我运行session_destroy()脚本,它会破坏包括前端会话在内的所有会话。

我尝试使用Zend FrameworkJoomlaPHP

进行搜索

2 个答案:

答案 0 :(得分:0)

您应该为不同的会话创建不同的变量..

以下是一些可能会派上用场的例子。

<?php 
 // you have to open the session to be able to modify or remove it 
 session_start(); 

 // to change a variable, just overwrite it 
 $_SESSION['size']='large'; 

 //you can remove a single variable in the session 
 unset($_SESSION['shape']); 

 // or this would remove all the variables in the session, but not the session itself 
 session_unset(); 

 // this would destroy the session variables 
 session_destroy(); 
 ?> 

希望有所帮助......

答案 1 :(得分:0)

我想这是您以admin登录时的会话:

$_SESSION['user']['id'] = 1;
$_SESSION['user']['group'] = 'admin';
...

但是,当您只是user时,这是您的会话:

$_SESSION['user']['id'] = 99;

无论您的logout.php位于何处,请执行与此类似的操作:

if ($_SESSION['user']['group'] == 'admin')
    $_SESSION['user']['group'] = null;
else
    destroy_session();

我希望你有这个想法!

<强>更新

这可能有效:

/* Do NOT unset the $_SESSION['user']['role'] */

if ($_SESSION['user']['role'] == 'user') {

    /* For Users */
    $_SESSION['user']['login'] = false;
    $_SESSION['user']['id'] = null;
    $_SESSION['user']['last-visit'] = null;
    $_SESSION['user']['ip'] = null;
}

if ($_SESSION['user']['role'] == 'admin') {

    /* Unset Admin Specific Variables */
    $_SESSION['admin']['login'] = false;
    $_SESSION['admin']['id'] = null;
    $_SESSION['admin']['last-visit'] = null;
    $_SESSION['admin']['ip'] = null;
}

/* Get rid of session_destroy() */
// session_destroy();

顺便说一句,你只是手动重置变量,这在某种程度上等于完全破坏会话,但仍然保持会话在另一方保持活跃。

更好

/* Assign the `user_id` to the session, when you log in ... */
/* login.php */

$_SESSION[$user_id] = array();

/* Now fill-up the new array with data ... */
$_SESSION[$user_id]['role'] = 'admin';
$_SESSION[$user_id]['login'] = true;

/* When you want to Log out, just simply null the array based on the user_id again */
/* logout.php */

$_SESSION[$user_id] = null;

/* Here you go, as long as you have different user_id in your database, 
   you have separated sessions! */