登录和注销工作正常,但是,从页面注销后,即时消息仍然能够访问该页面,例如,如果我用作codeigniter_try / index.php / Home / backend,则在URL中显示其不应显示的页面碰巧,我的意思是说仅当我使用用户名和密码登录时,它才应该显示。我在这里面临什么问题可以指导我?
这是我的Controller.php
//-------this is Login method --------
public function login()
{
if($this->input->post('login'))
{
$username=$this->input->post('username');
$password=md5($this->input->post('password'));
$query=$this->db->query("select * from login where username='".$username."' and password='$password'");
$row = $query->num_rows();
if($row)
{
$newdata=array(
'username' => $this->input->post('username'),
'password' => md5($this->input->post('password')),
'is_logged_in'=>TRUE
);
$this->session->set_userdata($newdata);
redirect('Home/Backend');
}
else
{
$data['error']="<h3 style='color:red'>Invalid login details</h3>";
}
}
$this->load->view('login',@$data);
}
//---------this is Logout method --------
public function logout()
{
$this->session->unset_userdata($newdata);
$this->session->sess_destroy();
redirect('Home/login');
}
//-------Backend page---------
public function Backend()
{
$this->load->view('backend');
}
答案 0 :(得分:1)
unset_userdata()可用于通过传递会话密钥来删除它。
因此,注销功能将像这样更改。
public function logout()
{
$this->session->unset_userdata('username');
$this->session->unset_userdata('password');
$this->session->unset_userdata('is_logged_in');
/*
Or
$array_items = array('username' , 'password' , 'is_logged_in');
$this->session->unset_userdata($array_items);
*/
$this->session->sess_destroy();
redirect('Home/login');
}
答案 1 :(得分:1)
希望这对您有帮助:
您的logout方法应如下所示:
public function logout()
{
$this->session->sess_destroy();
redirect('Home/login');
}
您的Backend应该是这样的:您必须在所有控制器中进行检查
public function Backend()
{
if (! $this->session->userdata('is_logged_in')) redirect('Home/login');
$this->load->view('backend');
}
有关更多信息:https://www.codeigniter.com/user_guide/libraries/sessions.html#destroying-a-session