我希望用户在注册或登录我的网站时登录多年。
只有在单击“注销”时才会销毁会话。
我的代码无效,因为用户会话在关闭浏览器时似乎被破坏了。
这是我对新用户的register.php
<?php
session_start();
if(isset($_POST["submit"]))
{
$username = strtolower(trim($_POST["username"]));
$password = strtolower(trim($_POST["password"]));
$password=hash('sha512', $password);
$email = strtolower(trim($_POST["email"]));
$date = time();
$sql = "INSERT INTO users (username,password,email,date) VALUES (:username,:password,:email,:date)";
$q = $conn->prepare($sql);
$q->execute(array(':username'=>$username, ':password'=>$password, ':email'=>$email, ':date'=>$date));
if
($q)
{
$_SESSION["user"]=$username;
setcookie('username', $username, time()+10*365*24*60*60);
setcookie('password', $password, time()+10*365*24*60*60);
header("location:../"); exit();
}
}
?>
这是我的登录代码
<?php
session_start();
$username = strtolower(trim($_POST["username"]));
$username = filter_var($username, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH);
$password = strtolower(trim($_POST["password"]));
$password=hash('sha512', $password);
$results = $connecDB->prepare("select username,password from users where username = :username and password = :password");
$results->bindParam(':username', $username);
$results->bindParam(':password', $password);
$results->execute();
$rows = $results->fetch();
if($rows>0) {
$_SESSION["user"]=$username;
setcookie('username', $username, time()+10*365*24*60*60);
setcookie('password', $password, time()+10*365*24*60*60);
header("location: ../");
}
?>
这是我的注销代码,它会破坏会话
<?php
session_start();
$user=$_SESSION["user"];
$username = user_info($user, 'id');
if(!isset($_SESSION['user']))
{
header("Location: ../login/");
}
else if(isset($_SESSION['user'])!="")
{
header("Location: ../");
}
session_destroy();
unset($_SESSION['user']);
header("Location: ../");
?>
这是我的主索引页面(用户在成功登录后或登记后指向的页面)
<?php
session_start();
$user=$_SESSION["user"];
...
?>
这是我调用的函数,用于检查用户是否已登录
function isloggedin()
{
session_start();
if(isset($_SESSION["user"])) return true;
else return false;
}