在注销

时间:2018-02-11 11:24:13

标签: php mysql codeigniter session

我已经实现了Codeigniters cart类,它自动启用会话(我从文档中收集的内容)并将会话数据存储到db中的ci_sessions表中。

但是,当我以用户身份注销时,会话仍保留在数据库中。如果重新登录,旧会话将保留,并创建新会话。它是否正确?在登录时,我从来没有真正检查ci_sessions表中的现有会话,这是我需要实现的东西还是codeigniter自动处理的东西?

这是我登录和注销的功能,我取消设置会话变量,但这本身并不会从数据库中删除会话。

class User extends CI_Controller {

  function __construct() {
    parent::__construct(); // Don't forget to call the parent constructor in this method

  }

  public function dashboard() {
    $this->load->view('template/header');
    $this->load->view('user/dashboard');
    $this->load->view('template/footer');
  }

  public function index()
    {
            $this->load->view('template/header');
            $this->load->view('landing_page');
            $this->load->view('template/footer');
    }

    public function register() {
        $this->load->view('template/header');
        $this->load->view('user/register');
        $this->load->view('template/footer');
    }

    public function login() {
        $this->load->view('template/header');
        $this->load->view('user/login');
        $this->load->view('template/footer');
    }

  public function registerUser() {
    //form validation rules
    $this->form_validation->set_error_delimiters('<div class="error" style="color: red;">', '</div>');
    $this->form_validation->set_rules('first_name', 'First Name', 'required');
    $this->form_validation->set_rules('last_name', 'Last Name', 'required');
    $this->form_validation->set_rules('dob', 'Date of Birth ', 'required');
    $this->form_validation->set_rules('address_1', 'Address One', 'required');
    $this->form_validation->set_rules('address_2', 'Address Two', 'required');
    $this->form_validation->set_rules('postcode', 'Postcode', 'required');
    $this->form_validation->set_rules('city', 'City', 'required');
    $this->form_validation->set_rules('county', 'County', 'required');
    $this->form_validation->set_rules('email', 'Email', 'required');
    $this->form_validation->set_rules('password1', 'Password One', 'required');
    $this->form_validation->set_rules('passwordagain', 'Password Confirmation', 'required|matches[password1]');

    if($this->form_validation->run() == FALSE) {
      //if form validation fails, send user back and display errors
      $this->register();
    } else {
      //prepare data for insert to db
      $data = array(
        'first_name' => $this->input->post('first_name'),
        'last_name' => $this->input->post('last_name'),
        'date_of_birth' => $this->input->post('dob'),
        'address_1' => $this->input->post('address_1'),
        'address_2' => $this->input->post('address_2'),
        'postcode' => $this->input->post('postcode'),
        'city' => $this->input->post('city'),
        'county' => $this->input->post('county'),
        'email' => $this->input->post('email'),
        'password' => $this->hashPassword($this->input->post('password1'))
      );

      $this->User_model->insertUser($data);
      redirect('user/index');
    }
  }

  public function loginUser() {
    $this->form_validation->set_error_delimiters('<div class="error" style="color: red;">', '</div>');
    $this->form_validation->set_rules('email', 'Email', 'required');
    $this->form_validation->set_rules('password', 'password', 'required');

    if($this->form_validation->run() == FALSE) {
      $this->login();
    } else {
      $email = $this->input->post('email');
      $password = $this->hashPassword($this->input->post('password'));

      $user_id = $this->User_model->login($email, $password);

      if($user_id) {
        $user_data = array(
          'user_id' => $user_id,
          'email' => $email,
          'logged_in' => true
        );

        $this->session->set_userdata($user_data);

        redirect('user/dashboard');
      } else {
        redirect('user/login');
      }
    }
  }

  // Log user out
  public function logout(){
    // Unset user data
    $this->session->unset_userdata('logged_in');
    $this->session->unset_userdata('user_id');
    $this->session->unset_userdata('email');

    // Set message
    $this->session->set_flashdata('user_loggedout', 'You are now logged out');
    $this->session->sess_destroy();

    redirect('user/login');

  }

  function hashPassword($password) {
       return md5($password);
   }
}

的config.php

$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'applicationcookie';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = FALSE;

在上面添加了我的config.php。我正在使用数据库作为会话驱动程序。

2 个答案:

答案 0 :(得分:0)

您错误地在session中设置了login controller。这就是session剩余的原因。

我假设您已在application/config/autoload.php下自动加载会话。

您创建的数组是正确的。

$user_data = array(
          'user_id' => $user_id,
          'email' => $email,
          'logged_in' => true
       );

接下来将其设置为会话,如下所示。

$this->session->set_userdata('login_session',$user_data); //你错了。

设置会话后,将用户重定向到信息中心或主页。

log out用户,请使用以下代码

if($this->session->userdata('login_session'){
    $this->session->unset_userdata('login_session');

    // Set message
    $this->session->set_flashdata('user_loggedout', 'You are now logged out');
    redirect('user/login');
}else{
    redirect('user/login');
}

现在,每当用户打开您的网站时,请检查用户的登录会话是否处于活动状态。

在构造函数下添加此代码。

class Dashboard extends CI_Controller{

   public function __construct(){
      parent::__construct();
      if(!($this->session->userdata('login_session'))){
         redirect('user/login','refresh');
      }
 }

同样,在您的登录控制器中,检查登录会话是否处于活动状态。

class Login extends CI_Controller{
    public function __construct() {
        parent::__construct();
        if($this->session->userdata('login_session')){
            redirect('user/dashboard','refresh');
        }
    }
}

编辑 - 如果您在单个控制器中同时使用这两种方法,则使用此代码

class User extends CI_Controller{
     public function __construct() {
          parent::__construct();
          if(!$this->session->userdata('login_session')){
              redirect('login','refresh');
          }
      }

      public function login(){
          $this->load->view('login_view');
      }

      public function dashboard(){
          //since in controller I'm checking the session, you need not have to check it in the dashboard.
          $this->load->view('dashboard_view');
      }
 }

希望这可以帮到你。

答案 1 :(得分:0)

当他们点击退出时,将他们发送到destroys the session

的控制器/方法
$this->session->sess_destroy();

这会使会话无效并阻止您进一步访问它。 CodeIgniter会自己清理数据库中过期的会话,你不需要进行垃圾回收。