如何完全销毁存储的所有会话?

时间:2016-02-25 03:56:21

标签: php

我通过下面的一段代码为登录用户存储这些会话:

$_SESSION = $r-> fetch_array(MYSQLI_ASSOC); 

// Store the HTTP_USER_AGENT:
$_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);

然后我打印出来:

Array ( [user_id] => 1 [username] => asdfxc [user_level] => 0 [agent] => d30847a2ec9c978a0e4db5470b78b327 [lid] => 1 )

我想要的是在我的logout.php页面中销毁它们,我的代码如下:

   // If no first_name session variable exists, redirect the user:
if (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT']) ) ) {

$url = BASE_URL . 'index.php'; // Define the URL.
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.

} else { // Log out the user.

$_SESSION = array(); // Destroy the variables.
session_unset();// remove all session variables
session_destroy(); // Destroy the session itself.
setcookie (session_name(), '', time()-3600); // Destroy the cookie.

}

// Print a customized message:
echo '<p>You are now logged out.</p>';

问题在于,当我通过在Firefox上登录为第一个用户ID进行测试,然后将其注销,然后将其作为第二个用户ID登录, 第一个用户ID的会话仍然存储。

然后我尝试打开Goog​​le Chrome,以*第二个**用户ID登录,第一个用户的会话就在那里!

您能帮助我完全删除/销毁所有logout.php页面吗?

谢谢!

根据@ Dagon的要求

编辑

1 /存储特定登录用户的会话: 

$q = "SELECT user_id, username, user_level 
              FROM users";

        $r = $mysqli->query($q);

        /*Fetch the results into variables.
        The query will return an array with three elements—one indexed at user_id, one at
        username, and the third at user_level,
        all three can be fetched right into $_SESSION, 
        resulting in $_SESSION['user_id'], $_SESSION['username'], and
        $_SESSION['user_level'] */

         $_SESSION = $r-> fetch_array(MYSQLI_ASSOC); 

        // Store the HTTP_USER_AGENT:
        $_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);

        //Redirect to the item page (index.php)
header('Location: .../to/home.php');
exit();

2 /在home.php

中填充它 
if (isset($_SESSION['agent'])) {

echo 'Welcome:'.$_SESSION['username'].'!';

}

1 个答案:

答案 0 :(得分:0)

问题是你给每个人提供了相同的ID,因为你的查询没有选择特定的用户。

SELECT user_id, username, user_level FROM users

应该有一个WHERE子句来标识您想要的用户

相关问题
最新问题