会话签入用户页面

时间:2014-09-25 19:48:57

标签: php mysql session mysqli

因此,会话上有很多帖子,但是,如果用户注销并尝试访问仅限成员的页面,则没有一个帖子能够将用户重定向到另一个页面。我正在寻找一旦退出的会话,你就不能回去了。可以理解的是,这将需要java脚本,相反,我希望禁用复制和粘贴Web地址直接进入浏览器,如果他们这样做,并且他们没有登录,他们应该被重定向到登录页面。这是代码......

**所有会员页面都以此开头:

if( !isset( $_SESSION ) ){
    session_start();        
}else{
    header("Location:login.php");
}

include("connection.php");

**连接页面只连接数据库,简单名称和密码或死亡。

** su.php。此页面是登录或注册时启动会话的页面。记录我们实际记录它们,问题是任何人都可以输入profile.php的地址并将其拉出来。

if( !isset( $_SESSION ) ){
    session_start();
}

    if($_GET["logout"]==1 AND $_SESSION['id']) { session_destroy();

            header("Location:logout.php");          
    }

include("connection.php");

if ($_POST['submit']=="Sign Up") {

    if (!$_POST['email']) $error.="<br />Please enter your email";
        else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $error.="<br />Please enter a valid email address";

    if (!$_POST['password']) $error.="<br />Please enter your password";
        else {

        if (strlen($_POST['password'])<8) $error.="<br />Please enter a password with at least 8 characters";
        if (!preg_match('`[A-Z]`', $_POST['password'])) $error.="<br />Please enter at least 1 capital letter";

        }

     if ($error) $error = "There were error(s) in your signup details:".$error;
     else {


        $query = "SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['email'])."'";

        $result = mysqli_query($link, $query);

        $results = mysqli_num_rows($result);

        if ($results) $error = "That email address is already registered";

        else {

            $query="INSERT INTO `users` (`email`, `password`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')";

            mysqli_query($link, $query);

            $message = "You've been signed up!";

            $_SESSION['id']=mysqli_insert_id($link);              

            header("Location:registration.php");

        }

    }

}

 if ($_POST['submit']=="Log In") {

    $query="SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['loginemail'])."' AND password='".md5(md5($_POST['loginemail']).$_POST['loginpassword'])."' LIMIT 1";

    $result = mysqli_query($link, $query);

    $row = mysqli_fetch_array($result);

    if ($row) {

        $_SESSION['id']=$row['id'];

            header("Location:dashboard.php");

        } else {

         $loginerror = "We could not find a user with that email and password. Please try again.";

        }

    }

1 个答案:

答案 0 :(得分:1)

<?php
session_start();
if(isset($_SESSION['id']))
{
?>

会员页面内容

<?php
}
else
{
 header("Location:login.php");
}
?>

<强>解释
最初你应该启动会话,然后你应该检查你传递的会话变量是否存在于该成员页面。

或者你可以简单地拥有

<?php
session_start();
if(!isset($_SESSION['id']))
{
 header("Location:login.php");
}
?>

位于页面顶部

相关问题
最新问题