取消设置$ _SESSION无效

时间:2013-05-26 18:04:33

标签: php sql facebook facebook-php-sdk

您好我制作了一个与Facebook连接并注册用户的代码,然后它使用户登录,一切都很好..当他们登录我设置

$_SESSION['id']

我的猜测是,如果没有设置,用户将从我的网站注销,并且它不会被“自动连接”..

因为之前它就像一个循环,每次我退出时,它都会使用facebook连接再次登录,即使用户还没有clic“登录facebook”......

编辑:我改变了一个条件并且知道不是“循环”我可以退出该网站..

但会议,并非未设置!,为什么,只是将cookie设置为''但是,=(会话未设置

这是我的代码

<?php
//
// uses the PHP SDK. Download from https://github.com/facebook/php-sdk
include("facebook-php-sdk-master/src/facebook.php");

//
// from the facebook app page
define('YOUR_APP_ID', '');
define('YOUR_APP_SECRET', '');

//
// new facebook object to interact with facebook
$facebook = new Facebook(array(
 'appId' => YOUR_APP_ID,
 'secret' => YOUR_APP_SECRET,
));
//
// if user is logged in on facebook and already gave permissions
// to your app, get his data:
$userId = $facebook->getUser();

?>

身体

<?php
echo $_SESSION['id'];

if ($userId) {
 //
 // already logged? show some data
 $userInfo = $facebook->api('/' + $userId);





 if (isset($userInfo['email']) || isset($_SESSION['id']))

{ include "facebookregister.php"; } else { echo "no hay permisos de facebook"; }

} else {
 //
 // use javaascript api to open dialogue and perform
 // the facebook connect process by inserting the fb:login-button
 ?>
 <div id="fb-root"></div>
 <fb:login-button scope='email,user_birthday'></fb:login-button>
 <?php
}
?>
 <script>
 window.fbAsyncInit = function() {
 FB.init({
 appId : <?=YOUR_APP_ID?>,
 status : true,
 cookie : true,
 xfbml : true,
 oauth : true,
 });


FB.Event.subscribe('auth.login', function(response) {
 // ------------------------------------------------------
 // This is the callback if everything is ok
 window.location.reload();
 });
 };

(function(d){
 var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
 js = d.createElement('script'); js.id = id; js.async = true;
 js.src = "//connect.facebook.net/en_US/all.js";
 d.getElementsByTagName('head')[0].appendChild(js);
 }(document));
</script>

facebookregister.php

<?PHP 
echo "<p>YOU ARE: <strong>". $userInfo['name'] ."</strong><br/>";
echo "Your birth date is: ".$userInfo['birthday']."</p>";
echo "Your mail is: ".$userInfo['email']."</p>";

echo "Your mail is: ".$userInfo['username']."</p>";



//$name = $userInfo['name'];
$first_name = $userInfo['first_name'];
$last_name = $userInfo['last_name'];
$birthday = $userInfo['birthday'];
$username_fb = $userInfo['username'];
$email = $userInfo['email'];
$gender = $userInfo['gender'];
$status = 1;

function generateRandomString($length = 10) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!';
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, strlen($characters) - 1)];
    }
    return $randomString;
}


    $db= DAL::get_instance();           



    //select all rows from our users table where the emails match
                                    $count=$db->read_single_column("select count(id) from ".TABLE_PREFIX."users where email=? and status=1", array($email));
 echo "Aqui".$count;
                                    //if the number of matchs is 1
                                    if($count == 1){
                                        //the email address supplied is taken so just login user 


                                    $res=$db->execute_query("select * from ".TABLE_PREFIX."users where email=?",array($email));
                    $v=$res->fetch_assoc();
                    $username=$v['username'];
                    $password=$v['password'];



            $this->set_variable('username',$username);
                    $this->set_variable('password',$password);


                    $query="select id from ".TABLE_PREFIX."users where username=? and password=?";
                    $res=$db->execute_query($query,array($username,$password));

                    $value2=$res->fetch_assoc();
                    $id=$value2['id'];
                    $orig_password=$db->read_single_column("select password from ".TABLE_PREFIX."users where username=? and status=1", array($username));




                    if($password == $orig_password)
                    {
                        $t=time();
                        $sql="update ".TABLE_PREFIX."users set last_login_time=? where id=?";
                        $res=$db->execute_query($sql,array($t,$id));




                        $srv_nms=BASE;
                        $srv_nms=str_replace("http://","",$srv_nms);
                        $srv_nms=str_replace("https://","",$srv_nms);
                        $srv_nms=str_replace("www.","",$srv_nms);


                        $srv_pats=$srv_nms;

                        $srv_nms_arr=explode("/",$srv_nms);
                        $srv_nms=$srv_nms_arr[0];


                        $srv_pats=str_replace($srv_nms."/","",$srv_pats);


                        setcookie(COOKIE_LOGINID,$id,0,"/".$srv_pats,$srv_nms);
                        setcookie(COOKIE_USERNAME,$username,0,"/".$srv_pats,$srv_nms);
                        setcookie(COOKIE_PASSWORD,$orig_password,0,"/".$srv_pats,$srv_nms);
                            $_SESSION['user'] = $email;
                        $_SESSION['id'] = $id;          

        if(LoginHelper::validate_user_login()==0)
        {
            header("Location:index.php");
            exit;
        }


        }


                                    }else{

    //finally, otherwise register there account

                                        //time of register (unix)
                                        $registerTime = date('U');

                                        //make a code for our activation key
                                        $code = md5($username).$registerTime;

                                            $password = $randomString;

                                        $password  = md5($password);

                                        //insert the row into the database
                                         $res=$db->execute_query("INSERT INTO ".TABLE_PREFIX."users (`username`, `password`, `email`, `reg_time`, `status`, `fname`, `lname`) VALUES('".$username_fb."','".$password."','".$email."','".$registerTime."','".$status."','".$first_name."' ,'".$last_name."'  )");

                                        $row=$db->execute_query("SELECT username, password FROM ".TABLE_PREFIX."users WHERE email=".$email."");
                $row_data=$row->fetch_assoc();

                $username=$row_data['username'];
                $password=$row_data['password'];


            $this->set_variable('username',$username);
                    $this->set_variable('password',$password);


                    $query="select id from ".TABLE_PREFIX."users where username=? and password=?";
                    $res=$db->execute_query($query,array($username,$password));

                    $value2=$res->fetch_assoc();
                    $id=$value2['id'];
                    $orig_password=$db->read_single_column("select password from ".TABLE_PREFIX."users where username=? and status=1", array($username));


                    if(md5($password)== $orig_password)
                    {
                        $t=time();
                        $sql="update ".TABLE_PREFIX."users set last_login_time=? where id=?";
                        $res=$db->execute_query($sql,array($t,$id));




                        $srv_nms=BASE;
                        $srv_nms=str_replace("http://","",$srv_nms);
                        $srv_nms=str_replace("https://","",$srv_nms);
                        $srv_nms=str_replace("www.","",$srv_nms);


                        $srv_pats=$srv_nms;

                        $srv_nms_arr=explode("/",$srv_nms);
                        $srv_nms=$srv_nms_arr[0];


                        $srv_pats=str_replace($srv_nms."/","",$srv_pats);


                        setcookie(COOKIE_LOGINID,$id,0,"/".$srv_pats,$srv_nms);
                        setcookie(COOKIE_USERNAME,$username,0,"/".$srv_pats,$srv_nms);
                        setcookie(COOKIE_PASSWORD,$orig_password,0,"/".$srv_pats,$srv_nms);

                        $_SESSION['user'] = $email;
                        $_SESSION['id'] = $id;              



            //header("Location:".$this->make_url('user/home'));
            //exit;

                }                       


                                        //send the email with an email containing the activation link to the supplied email address
                                        mail($email, $username.' registration confirmation', "Thank you for registering to us ".$username.",\n\nHere is your activation link. If the link doesn't work copy and paste it into your browser address bar.\n\nhttp://www.yourwebsitehere.co.uk/activate.php?code=".$code, 'From: noreply@youwebsitehere.co.uk');

                                        //display the success message
                                        echo "<center>You have successfully registered, please visit you inbox to activate your account!</center>";


            header("Location: index.php");
            exit;
                                    }







        ?>

最重要的是。退出行动

function logout_action()
    {
        $srv_nms=BASE;
        $srv_nms=str_replace("http://","",$srv_nms);
        $srv_nms=str_replace("https://","",$srv_nms);
        $srv_nms=str_replace("www.","",$srv_nms);


        $srv_pats=$srv_nms;

        $srv_nms_arr=explode("/",$srv_nms);
        $srv_nms=$srv_nms_arr[0];


        $srv_pats=str_replace($srv_nms."/","",$srv_pats);


        setcookie(COOKIE_LOGINID,"",0,"/".$srv_pats,$srv_nms);
        setcookie(COOKIE_USERNAME,"",0,"/".$srv_pats,$srv_nms);
        setcookie(COOKIE_PASSWORD,"",0,"/".$srv_pats,$srv_nms);

        unset($_SESSION['user']);
unset($_SESSION['id']);
unset($_SESSION['fb_540341239342331_code']);
unset($_SESSION['fb_540341239342331_access_token']);
unset($_SESSION['fb_540341239342331_user_id']);


        header("Location: ".$this->make_url("user/login/l"));
        die;
    }

会议未设置&amp;破坏,测试但不工作..为什么?? 代码

function logout_action()

{
    $srv_nms=BASE;
    $srv_nms=str_replace("http://","",$srv_nms);
    $srv_nms=str_replace("https://","",$srv_nms);
    $srv_nms=str_replace("www.","",$srv_nms);


    $srv_pats=$srv_nms;

    $srv_nms_arr=explode("/",$srv_nms);
    $srv_nms=$srv_nms_arr[0];


    $srv_pats=str_replace($srv_nms."/","",$srv_pats);


    setcookie(COOKIE_LOGINID,"",0,"/".$srv_pats,$srv_nms);
    setcookie(COOKIE_USERNAME,"",0,"/".$srv_pats,$srv_nms);
    setcookie(COOKIE_PASSWORD,"",0,"/".$srv_pats,$srv_nms);

    session_unset();


    header("Location: ".$this->make_url("user/login/l"));
    die;
}

2 个答案:

答案 0 :(得分:7)

不建议以这种方式取消设置会话变量。使用session_unset(),请参阅http://php.net/manual/en/function.session-unset.php

除此之外,您不希望用户计算机上的会话仍然存在,此用途session_destroy()

  

session_unset()只是清除会话以供使用。

答案 1 :(得分:0)

在您的退出脚本中,在setcookie(COOKIE_PASSWORD,"",0,"/".$srv_pats,$srv_nms);

之后添加这些行
include("facebook-php-sdk-master/src/facebook.php");

//
// from the facebook app page
define('YOUR_APP_ID', '_');
define('YOUR_APP_SECRET', '_');

//
// new facebook object to interact with facebook
$facebook = new Facebook(array(
 'appId' => YOUR_APP_ID,
 'secret' => YOUR_APP_SECRET,
));
$logout = $facebook->getLogoutUrl(array("next"=>'your url after user logs out'));
$facebook->destroySession();
//destroy your sessions created by your site also using session_destroy();

/* don't forget to remove header("Location: ".$this->make_url("user/login/l")); */
header("Location:$logout");