我有一个简单的应用程序,我正在使用会话来允许用户进出。我意识到$ _SESSION设置的时候,当我关闭浏览器时没有注销$ _SESSION自行销毁,所以我改变了我的代码,以便我可以扩展会话的生命周期。我希望通过这种方式,当用户点击“记住我”复选框时,他们可以保持连接两周。
我尝试过这样做,但据我所知,它不起作用。
下面的是我的登录脚本:
<?php
session_start();
//redirect of session is already set and its not empty
if(isset($_SESSION['usigh-ses']) and !empty($_SESSION['usigh-ses'])){
header("location:home");
}
//require connection file
require('include/dbc.php');
// create empty variables to hold data
$email = $password =$errors= $name= $name2= $u_avatar="";
$emailErr = $passwordErr ="";
$passwordbox =false;
$emailbox =true;
if(isset($_POST['submit'])){
if(empty($_POST['email']) || ctype_space($_POST['email'])){
$emailErr ="Please enter your email address.";
}else{
$email = trim(strtolower($_POST['email']));
//Validate for correct email
if(!filter_var($email,FILTER_VALIDATE_EMAIL)){
$emailErr ="Enter a valid email address.";
}
} //end of email
if(empty($_POST['password'])|| ctype_space($_POST['password'])){
//$passwordErr ="Please enter your password.";
$errors ='<div class="topalerts"> Go ahead and enter your password</div>';
}
//Recheck validation
if($email !="" && !ctype_space($email) && filter_var($email,FILTER_VALIDATE_EMAIL)){
//AsK database questions
$sql = "SELECT * FROM $table_name WHERE Email ='$email' LIMIT 1";
$result = mysqli_query($dbc_conn,$sql);
$numrows =mysqli_num_rows($result);
if($numrows > 0){
while( $row =mysqli_fetch_assoc($result)){
$db_email = $row['Email'];
if($email == $db_email){
if($row['avatar'] !=NULL){
$image = $row['avatar'];
$image_url = "uploaded/$image";
if(file_exists($image_url)){
$u_avatar = $row['avatar'];
}else{
//Default profile avatar because OF ERROR OR FILE DO NOT EXIST
$u_avatar = "blank-profile.png";
}
}else{
//Default profile avatar because row AVATAR is NULL
$u_avatar = "blank-profile.png";
}
//hide email div, show password div
$name = $row["FirstName"][0];
$name2 = $row['FirstName'];
$passwordbox =true;
$emailbox =false;
//check for valid password
if(!empty($_POST['password']) and !ctype_space($_POST['password'])){
$password = md5($_POST['password']);
if( $password == $row['Password']){
$rand = rand();
//remember me feature
if(isset($_POST['remember'] ) and $_POST['remember']=="yes"){
$lifetime = 25200;
session_set_cookie_params($lifetime,"/","localhost");
$IsLoggIn=$_SESSION['usigh-ses'] = $row['id'];
header("location:home?u=$IsLoggIn&search=$rand");
}else{
$IsLoggIn=$_SESSION['usigh-ses'] = $row['id'];
header("location:home?u=$IsLoggIn&search=$rand");
}
//this user is online
mysqli_query($dbc_conn,"UPDATE $table_name SET active=1 WHERE id ='$IsLoggIn' ");
//redirect user
}else{
$errors ='<div class="topalerts"> The password you have entered is invalid.
Please provide a valid password of your account.</div>';
$passwordErr = 'The email and password you entered don\'t match. ';
}
}
}
}
}else{
$errors ='<div class="topalerts"> It seems you are not a registered member
or your email is incorrect.Try again.</div>';
$emailErr = "Sorry, your email could not be verified.";
}
}//end of recheck
else{
$errors ='<div class="topalerts">There were one or more errors in your submission.
Please correct the mark fields below.</div>';
}
} //end of main submit
?>