用户同时登录网站后,我遇到了有关共享会话的问题。当最后一个用户登录时,每个用户都会查看最后一个用户的帐户,这是不合适的(我猜安全问题)。所有用户必须登录同一网站,并且必须仅为特定用户显示输出。
我正在使用PHP代码。有没有人也经历过这些情景?这是代码
function validate_login(){
$userName= trim((isset($_POST['username']) === TRUE ? $_POST['username'] : ''));
$userPass= trim((isset($_POST['userpass']) === TRUE ? $_POST['userpass'] : ''));
$userNameArray = explode("@", $userName);
$userName = $userNameArray[0];
$compLogin = ((isset($userNameArray[1]) === TRUE ? $userNameArray[1]: ''));
$KeepAlive = new KeepAlive();
if(isset($userNameArray[1])){
if(!$this->Login->checkattempt('admin')){
$loginArray = array(
'login' => $userName,
'comp_login_string' => $compLogin,
'pass' => $cryptography->encryptPassword($userPass)
);
$userCredentials = $this->Login->getLogin($loginArray);
if(!empty($userCredentials)){
$_SESSION['userCredentials'] = $userCredentials[0];
header('Content-Type: application/json');
$_SESSION['employee_user'] = '0';
$_SESSION['emp_id'] = '0';
$_SESSION['page']['client_ip_address'] = $KeepAlive->get_client_ip();
$_SESSION['page']['last_trans_time'] = time();
$this->Login->clear_attempt_log($_POST, 'admin');
echo json_encode(array('id' => $userCredentials[0]['id']));
}
} else {
array_shift($loginArray);
$this->Login->attempt_log($_POST, 'admin');
header('Content-Type: application/json');
echo json_encode(array('id' => '-1'));
}
} else {
echo json_encode(array('id' => '-2'));
}
}