即使在退回单击后退选项后,Bowser也会登录

时间:2017-07-15 10:07:01

标签: php pdo

我已经使用php和pdo构建了一个登录页面并创建并正确登录但是在单击退出按钮之后如果我再次单击它再次进入我的页面,只有在登录时才出现我甚至使用了会话但它不是甚至正常运行

    <?php
include('connect.php');
session_start();
if(isset($_POST['logout'])){
{
unset($_SESSION['logged_in']);  
session_destroy();  
header("location:index12.php");
}
}
    if(isset($_POST['login']))
      {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $errflag  = false;
    if($username == '' and $password == '') {
    echo "you must enter username and password";
    $errflag = true;
    }
    if ($errflag == false) {
    SignIn($username,$password);
    }
    }
    function SignIn($username,$password){
    global $connect;
    $search = $connect->prepare("SELECT * FROM users where username = 
    :username AND password = :password ");
    $search->bindParam(':username',$username);
    $search->bindParam(':password',$password);
    $search->execute();
    $count = $search->rowCount();
    if($count> 0)
    {
        $_SESSION['username'] = $_POST['username'];
            if(!isset($_SESSION['logged_in'])) 
                header("Location: myfile.php"); 
    }
    else{
        echo "wron email or password";
    }
}
?>

内页代码是

    <?php
echo "welcome to the website ";
echo "congrats you are logged in ";
?>
<html>
<head>
<title> 
welcome here</title>
</head>
<body>
<form method ="POST" action = "login.php">
<button name="logout" style="float:right;">logout</button>
</form>
<h1><center>google is one of the best search engine</center></h1>
</body>
</html>

thankyou我以上述方式更新了它,但它无法正常工作

2 个答案:

答案 0 :(得分:0)

在页面开头添加一些代码 session_start();

<?php
session_start();
if(isset($_POST['logout'])){
    {
    unset($_SESSION['logged_in']);  
    session_destroy();  
    header("location:index12.php");
}
}
?>

此外,如果您还没有在connect.php中启动会话,则必须使用 session_start();

启动会话
<?php
session_start();
include('connect.php');

答案 1 :(得分:0)

我不知道你是如何开始你的会议的,但这是一个建议:

我通常会编写一个new_session()函数,如下所示。我更喜欢设置cookie参数,以便我们可以控制它。

function new_session()
{
    $cookieParams = session_get_cookie_params();
    session_set_cookie_params($cookieParams['lifetime'], $cookieParams['path'], $cookieParams['domain'], Sessions::SECURED_COOKIES, Sessions::HTTP_ONLY);

    session_name('My_Awesome_App');       
    session_start();
    session_regenerate_id();

}

另一个摧毁一切

function destroy_session()
{
    session_unset();

    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);

    session_destroy();
}

您可以找到有关session_get_cookie_params() here的文档 以及session_set_cookie_params() here

回到您的示例

使用此新功能,您应该在页面顶部调用new_session(),并且注销应该如下所示。

new_session();
if (isset($_POST['logout'])) { {
        unset($_SESSION['logged_in']);
        destroy_session(); // our new function
        header("location:index12.php");
    }
}