会话没有被取消或被破坏

时间:2016-03-02 17:59:35

标签: php

在connect.php中调用session_start()但出于安全原因未包含在此处

我遇到了一个没有被设置或被破坏的会话的麻烦

我有一个logout.php,我处理注销,看起来像这样

<?
 if(isset($_POST['logout'])){
  session_start();
  session_unset();
  session_destroy();
  header("Location: index.php");
 }
?>

然后我在我的导航中调用此代码,这是正常工作但是一旦我登录并尝试注销导航应该消失并且应该显示表单但导航是唯一显示在这里的是脚本< / p> 

<nav>
<?
 if(isset($_SESSION['user'])){
  include("server/constants/nav.php");
 } else{?>
  <div class="form">
  <input type="button" id="displayLoginForm" onclick="showLogin()" value="Login">
  <input type="button" id="displayRegisterForm" onclick="showRegister()" value="Register">
   <div id="loginSection" style="display:none">
  <?  include("server/display/LoginForm.php") ?>
   </div>

   <div id="registerSection" style="display:none">
   <?  include("server/display/RegisterForm.php") ?>
   </div>
  </div>
<? } ?>
</nav>

其他相关脚本

HandleLogin.php 

<?
 if(isset($_POST['Login'])){
  $user = $_POST['username'];
  $pass = $_POST['password'];

  $sql = "SELECT * FROM energywise WHERE username='$user'";
  $query = mysql_query($sql);
  $row = mysql_fetch_object($query);

  $id = htmlspecialchars($row->id);
  $firstName = htmlspecialchars($row->firstname);
  $lastName = htmlspecialchars($row->lastname);
  $username = htmlspecialchars($row->username);
  $password = htmlspecialchars($row->password);
  $mail = htmlspecialchars($row->email);

  if(empty($id)){
   echo 'Account does not exist';
  } elseif($pass != $password){
   echo 'Passwords do not match';
  } else{
   $_SESSION['user'] = $id;
   header("Location: index.php");
  }
 }
?>

nav.php 

<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
<link rel="stylesheet" href="css/navigation.css">
<script src="js/nav.js"></script>

<div id='cssmenu'>
<ul>
   <li class='active'><a href='index.php'>Home</a></li>
   <li><a href='calender.php'>Calender</a></li>
   <li><a href='locations.php'>Locations</a></li>
   <li><a href='#'>Placeholder</a></li>

   <form method="post">
   <li><input type="submit" name="logout" value="Logout"></li>
   </form>
</ul>

1 个答案:

答案 0 :(得分:2)

嗯,我不知道,但你是否测试过logout.php是否正在被访问?我想念表格上的action="logout.php"

<form action="logout.php" method="post">
<li><input type="submit" name="logout" value="Logout"></li>
</form>
相关问题
最新问题