我正在构建一个成员系统,但我有一个登出问题。
当我按下注销按钮时,我被重定向到登录页面,但是当我直接从浏览器访问用户更新页面时,即使我已经注销,我仍然会登录。
如果我进入登录页面并再次登录并访问用户更新页面,我可以看到以前的用户数据,而不是我的。
你可以到这里:http://dailypaychecknetwork.com/account/createnewuser.php并为自己创建一个帐户测试。
以下是我的注销和member-config.php脚本,非常感谢任何帮助。谢谢。
member-config.php脚本:
//Require DB connection
require_once dirname(__FILE__) . "/connect.php";
//Pages to require
require_once dirname(__FILE__) . "/languages/en.php";
require_once dirname(__FILE__) . "/class.newuser.php";
require_once dirname(__FILE__) . "/class.user.php";
require_once dirname(__FILE__) . "/funcs.php";
session_save_path("/home/users/web/b1951/moo.dailypaychecknetwork/cgi-bin/tmp");
session_start();
//Global User Object Var
//loggedInUser can be used globally if constructed
if(isset($_SESSION["userCakeUser"]) && is_object($_SESSION["userCakeUser"]))
{
$loggedInUser = $_SESSION["userCakeUser"];
}
退出脚本:
require_once("models/member-config.php");
//Log the user out
/*if(isUserLoggedIn())
{
$loggedInUser->userLogOut();
}*/
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
header("Location: login.php");
die();
更新脚本:
require_once("models/member-config.php");
//Prevent the user visiting the page if he is not logged in
if($loggedInUser == NULL){ header("Location: login.php"); die(); }
if(isset($_POST['dpnupdate']))
{
$errors = array();
$email = $_POST["email"];
$fname = $_POST["fname"];
$lname = $_POST["lname"];
$phone = $_POST["phone"];
$znzsid = $_POST["znzsid"];
$znzdid = $_POST["znzdid"];
$enid = $_POST["enid"];
$znztl = $_POST["znztl"];
//Update a users email
if($email != $loggedInUser->email)
{
if(trim($email) == "")
{
$errors[] = lang("EMAIL_EMPTY");
}
else if(!isValidEmail($email))
{
$errors[] = lang("ACCOUNT_INVALID_EMAIL");
}
else if(emailExists($email))
{
$errors[] = lang("EMAIL_EXIST", array($email));
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateEmail($email);
$successes[] = lang("ACCOUNT_EMAIL_UPDATED");
}
}
//Update a users first name
if($fname != $loggedInUser->fname)
{
if(trim($fname) == "")
{
$errors[] = lang("FIRST_NAME_EMPTY");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateFirstname($fname);
$successes[] = lang("ACCOUNT_FIRST_NAME_UPDATED");
}
}
//Update a users last name
if($lname != $loggedInUser->lname)
{
if(trim($lname) == "")
{
$errors[] = lang("LAST_NAME_EMPTY");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateLastname($fname);
$successes[] = lang("ACCOUNT_LAST_NAME_UPDATED");
}
}
//Update a users phone number
if($phone != $loggedInUser->phone)
{
if(trim($phone) == "")
{
$errors[] = lang("PHONE_NUMBER_EMPTY");
}
else if(!is_numeric($phone)){
$errors[] = lang("PHONE_IS_NUMERIC");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updatePhone($phone);
$successes[] = lang("ACCOUNT_PHONE_NUMBER_UPDATED");
}
}
//Update a users znz single id
if($znzsid == 'optional' || $znzsid == $loggedInUser->znzsingle)
{} else{
if(trim($znzsid) == "")
{
$errors[] = lang("ZNZ_SINGLE_EMPTY");
}
else if(!is_numeric($znzsid)){
$errors[] = lang("ZNZ_SINGLE_IS_NUMERIC");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateZnzsingle($znzsid);
$successes[] = lang("ACCOUNT_ZNZ_SINGLE_UPDATED");
}
}
//Update a users znz double id
if($znzdid == 'optional' || $znzdid == $loggedInUser->znzdouble)
{} else{
if(trim($znzdid) == "")
{
$errors[] = lang("ZNZ_DOUBLE_EMPTY");
}
else if(!is_numeric($znzdid)){
$errors[] = lang("ZNZ_DOUBLE_IS_NUMERIC");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateZnzdouble($znzdid);
$successes[] = lang("ACCOUNT_ZNZ_DOUBLE_UPDATED");
}
}
//Update a users empoer network id
if($enid != $loggedInUser->empowerid)
{
if(trim($enid) == "")
{
$errors[] = lang("EMPOWER_NETWORK_EMPTY");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateEmpowerid($enid);
$successes[] = lang("ACCOUNT_EMPOWER_NETWORK_UPDATED");
}
}
//Update a users znzadteam link
if($znztl != $loggedInUser->znzadteamlink)
{
if(trim($znztl) == "")
{
$errors[] = lang("ZNZADTEAM_LINK_EMPTY");
}
//End data validation
if(count($errors) == 0)
{
$loggedInUser->updateZnzadteam($znztl);
$successes[] = lang("ACCOUNT_ZNZADTEAM_LINK_UPDATED");
}
}
if(count($errors) == 0 AND count($successes) == 0){
$errors[] = lang("NOTHING_TO_UPDATE");
}
}
//Update password
if(isset($_POST['dpnupdatepass']))
{
$errors = array();
$successes = array();
$password = $_POST["oldpass"];
$password_new = $_POST["newpass"];
//Confirm the hashes match before updating a users password
$entered_pass = md5($password);
if (trim($password) == ""){
$errors[] = lang("PASSWORD_EMPTY");
}
else if($entered_pass != $loggedInUser->pass)
{
//No match
$errors[] = lang("ACCOUNT_PASSWORD_INVALID");
}
if ($password_new != "")
{
if(trim($password_new) == "")
{
$errors[] = lang("PASSWORD_EMPTY");
}
//End data validation
if(count($errors) == 0)
{
//Also prevent updating if someone attempts to update with the same password
$entered_pass_new = md5($password_new);
if($entered_pass_new == $loggedInUser->pass)
{
//Don't update, this fool is trying to update with the same password ¬¬
$errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE");
}
else
{
//This function will create the new hash and update the pass property.
$loggedInUser->updatePassword($password_new);
$successes[] = lang("ACCOUNT_PASSWORD_UPDATED");
}
}
}
if(count($errors) == 0 AND count($successes) == 0){
$errors[] = lang("NOTHING_TO_UPDATE");
}
}
require_once("../includes/header.php");
echo "
<div class='main-content-wrap'>
<div class='back'> <a href='http://dailypaychecknetwork.com/account/account.php'>< BACK OFFICE</a></div>
<h2 class='center-title'>Update your info</h2>
<div class='main-content'>
<div id='main'>";
echo resultBlock($errors,$successes);
echo "
<div id='regbox'>
<form name='newUser' action='".$_SERVER['PHP_SELF']."' method='post'>
<table cellpadding='3px' class='mtext'>
<tbody>
<tr>
<td class='tdSubHeader'><label>Email</label></td>
<td class='tdContent'><input type='text' name='email' value='".$loggedInUser->email."' size='25'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>First Name</label></td>
<td class='tdContent'><input type='text' name='fname' value='".$loggedInUser->fname."' size='25'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>Last Name</label></td>
<td class='tdContent'><input type='text' name='lname' value='".$loggedInUser->lname."' size='25'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>Phone</label></td>
<td class='tdContent'><input type='text' name='phone' value='".$loggedInUser->phonee."' size='25'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>ZNZ Single ID #</label></td>
<td class='tdContent'><input type='text' name='znzsid' value='".(($loggedInUser->znzsingle == 1313434) ? 'optional' : $loggedInUser->znzsingle)."' size='40'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>ZNZ Double ID #</label></td>
<td class='tdContent'><input type='text' name='znzdid' value='".(($loggedInUser->znzdouble == 1314445) ? 'optional' : $loggedInUser->znzdouble)."' size='40'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>Empower Network ID</label></td>
<td class='tdContent'><input type='text' name='enid' value='".$loggedInUser->empowerid."' size='40'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>ZNZADTEAM LINK</label></td>
<td class='tdContent'><input type='text' name='znztl' value='".$loggedInUser->znzadteamlink."' size='40'/></td>
</tr>
</tbody>
</table>
<br>
<div style='float:left;'><input type='submit' name='dpnupdate' value='Save Changes'></div>
</form>
</div>
</div>
</div>
<div class='sidebar-update'>
<div class='third-party-autoresponder'>
<h2>3rd Party Autoresponder</h2>
</div>
<hr>
<div class='change-password'>
<h2>Change Password</h2>
<form name='newUser' action='".$_SERVER['PHP_SELF']."' method='post'>
<table cellpadding='3px' class='mtext'>
<tbody>
<tr>
<td class='tdSubHeader'><label>Old Password</label></td>
<td class='tdContent'><input type='password' name='oldpass' size='25'/></td>
</tr>
<tr>
<td class='tdSubHeader'><label>New Password</label></td>
<td class='tdContent'><input type='password' name='newpass' size='25'/></td>
</tr>
</tbody>
</table>
<br>
<div><input type='submit' name='dpnupdatepass' value='Save New Password'></div>
</form>
</div>
</div>
</div>
";
require_once("../includes/footer.php");