无法关闭会话并在php中注销

时间:2017-09-12 14:55:58

标签: php html mysql session

我设计了一个验证表单,它接受输入并检查MySQL条目以登录并创建会话,它工作得非常完美。但是当我试图破坏会话和注销时,它并没有起作用。以下是三个相关页面。 注意 - signin.inc.php,signout.inc.php,nav.php,home.php等都在" include"夹。只有index.php在外面。

Index.php - >

<?php session_start(); ?>
<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title>DigiVault</title>
    <link rel="stylesheet" type="text/css" href="css/font-awesome.min.css">
    <link rel="stylesheet" type="text/css" href="css/clean.css">
    <link rel="stylesheet" type="text/css" href="css/home.css">
    <link rel="stylesheet" type="text/css" href="css/index.css">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.css" />
  </head>
  <body>
    <header>
      <div class="main-brand">
        <?php
          if(isset($_SESSION['u_id'])){
            echo "
            <label for='menuToggle' class='menu-icon'>&#9776;</label>
            ";
          }
        ?>
        <h2>&nbsp;DigiV<span style="color:#ccc"><i class="fa fa-lock" aria-hidden="true"></i></span>ult</h2>
      </div>
    </header>
        <?php
          if(!isset($_SESSION['u_id'])){
            echo "
              <nav id='index-nav'>
              <ul>
                <li id='about-us'>About Us</li>
                <li id='get-started'>Get Started</li>
              </ul>
            </nav>
            ";
          }else {
            include_once 'include/nav.php';
          }
        ?>
    <div class="main-wrapper">
      <?php
        if(!isset($_SESSION['u_id'])){
          include_once 'include/home.php';
        } else{
          include_once 'include/user.php';
        }
       ?>
    </div>
  </body>
</html>

Home.php - &gt;

<div class="signin-container">
    <p class="form-header" style="color:white">Login</p>
    <form id="signin-form" action="include/signin.inc.php" method="POST">
      <input type="text" name="uid" placeholder="Username/Email">
      <input type="password" name="pwd" placeholder="Password">
      <button type="submit" class="form-button" name="submit-signin">Sign In!</button>
      <span id="to-register" style="padding-top:1.13em">Are you new?</span>
    </form>
  </div>

Nav.php - &gt;

<nav class="user-nav animated bounceInLeft">
  <ul>
      <li><a href="#">HOME</a></li>
        <li><a href="#">ABOUT</a></li>
        <li><a href="#">FORM</a></li>
        <li><a href="#">GALLERY</a></li>
        <li><a href="#">BLOG</a></li>
        <li>
            <?php
              if(isset($_SESSION['u_id'])){
                echo "
                  <form action='signout.inc.php' method='post'>
                  <button type='button' name='submit-signout'>Logout</button>
                  </form>
                ";
              }
            ?>
        </li>
    </ul>
</nav>

signin.inc.php - &gt;

<?php

session_start();

if(isset($_POST['submit-signin'])){

  include_once 'dbh.inc.php';

  $uid= mysqli_real_escape_string($conn,$_POST['uid']);
  $pwd= mysqli_real_escape_string($conn,$_POST['pwd']);

  if(empty($uid) || empty($pwd)){
    header("Location: ../index.php?signin=error");
    exit();

  }else {
    $sql= "SELECT * FROM users where user_uid='$uid' OR user_email='$uid'";
    $result = mysqli_query($conn,$sql);
    $resultcheck = mysqli_num_rows($result);

    if($resultcheck < 1){
      header("Location: ../index.php?signin=error");
      exit();
    } else {

      if($row = mysqli_fetch_assoc($result)){
        $hashedPwdCheck = password_verify($pwd, $row['user_pwd']);
        if($hashedPwdCheck == false){
          header("Location: ../index.php?signin=error");
          exit();
        }
        elseif($hashedPwdCheck == true) {
          $_SESSION['u_id'] = $row['user_id'];
          $_SESSION['u_first'] = $row['user_first'];
          $_SESSION['u_last'] = $row['user_last'];
          $_SESSION['u_email'] = $row['user_email'];
          $_SESSION['u_uid'] = $row['user_uid'];
          header("Location: ../index.php");
          exit();
        }
      }
    }
  }
}else {
  header("Location: ../index.php?signin=error");
  exit();
}

signout.inc.php - &gt;

<?php

if(isset($_POST['submit-signout'])){

  session_start();
  session_unset();
  session_destroy();
  header("Location: ../index.php");
  exit();
}

注意 - 问题在于退出,验证和登录工作完美,但我把它们放在以防万一有错误的地方。

1 个答案:

答案 0 :(得分:0)

<button type='button' name='submit-signout'>Logout</button>必须为<button type='submit' name='submit-signout'>Logout</button>,否则将无法提交表单