存储用户会话

时间:2016-06-03 09:57:51

标签: php

我有一个登录和注册页面,实际上我想在用户点击注销按钮时存储会话,在输入用户名和密码之前不允许他们进入主页..! 在登录页面上,我有用于存储会话的代码。

 $user_name = $_SESSION['user_name'] = $_POST['user_name'];

在主页上我有条件..

<?php
session_start();
if(!$_SESSION['user_name']==1){
    header("location:login.php?error=You must be logged in first!");
    exit();
}
?>

主要问题是,当用户点击注销并重定向到登录页面时..如果他在地址栏中键入主页URL,则无需输入密码和登录即可到达主页。问题是什么?

1 个答案:

答案 0 :(得分:1)

试试这个

的login.php

<?php
    session_start();

    // Log in on submit
    if (isset($_POST['user_name']) /* whatever */) {
        // Do some login validations here
        // and if successful, set the session then redirect
        $_SESSION['sess_user'] = $_POST['user_name'];
        header('Location: /members.php');
        exit();
    }
?>

logout.php

<?php
    session_start();

    // Unset all session values 
    $_SESSION = array();

    // get session parameters 
    $params = session_get_cookie_params();

    // Delete the actual cookie. 
    setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);

    // Destroy the session 
    session_destroy();

    header("Location: /login.php");
?>

members.php

<?php
    session_start();

    // Check if authenticated
    if (!isset($_SESSION['sess_user'])) {
        header("location:login.php?error=You must be logged in first!");
        exit();
    }
?>