PHP:单击“后退”按钮仍将重定向到上一页

时间:2019-02-21 15:07:51

标签: php session logout

PHP的新手。我有一个登录页面,它直接指向索引页面。在索引页面上有一个注销按钮。因此,当我单击注销时,它将重定向到登录页面,并在我单击“后退”按钮时取消设置$ _SESSION。但这不会破坏会话。它仍然将我重定向到索引页面。但是已经有未设置的值。似乎 session_destroy(); 无法正常工作。如果有人可以帮助我,那真是太好了。谢谢!

这是我的login.php

<?php 
 require('session.php'); 
?>

<html>
<head>
<!-- CSS -->
<link rel="stylesheet" href="css/style-login.css">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">

</head>
<body>
    <div class="header">
        <img src = "img/usc_logo.png">  
    </div>
    <div class="box">
        <form id="loginform" class="form-horizontal" role="form" action = "" method = "POST">       
            <div style="margin-bottom: 25px" class="input-group">
                <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
                    <input type="text" class="form-control" name="username" value="" placeholder="ID Number" required/>                                        
            </div>                 
            <div style="margin-bottom: 25px" class="input-group">
                <span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
                    <input type="password" class="form-control" name="password" placeholder="Password" required>
            </div>
            <div style="margin-top:10px" class="form-group">
                                <!-- Button -->
                <div class="col-sm-12 controls">
                    <input class="submit-1" type = "submit" value = " Log in " name= "submit"/><br/><br/>
                    Not a member yet?
                    <a href="register.php" class="button">Register</a><br/><br/>
                        <center>
                        <span style='color:#e60000; font-size:15px;'><b><?php echo $error; ?></b></span>
                        </center>
                </div>
            </div>     
        </form>
    </div>

    <!-- JS -->
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
</body>
</html>

这是我的index-admin.php

 <?php 
 require('session.php'); 
 ?>

<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="Mark Otto, Jacob Thornton, and Bootstrap contributors">
    <meta name="generator" content="Jekyll v3.8.5">
    <title>Admin DCIS</title>

    <link rel="canonical" href="https://getbootstrap.com/docs/4.3/examples/album/">

    <!-- Bootstrap core CSS -->
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">


     <style>
      .bd-placeholder-img {
        font-size: 1.125rem;
        text-anchor: middle;
        -webkit-user-select: none;
        -moz-user-select: none;
        -ms-user-select: none;
        user-select: none;
      }

      @media (min-width: 768px) {
        .bd-placeholder-img-lg {
          font-size: 3.5rem;
        }
      }
    </style>
    <!-- Custom styles for this template -->
    <link href="album.css" rel="stylesheet">
  </head>
  <body>
    <header>
  <div class="collapse bg-dark" id="navbarHeader">
    <div class="container">

    </div>
  </div>
  <div class="navbar navbar-dark bg-dark shadow-sm">
    <div class="container d-flex justify-content-between">
      <a href="#" class="navbar-brand d-flex align-items-center">   
        <strong>Hello, <?php echo $_SESSION['user_role'] ?></strong>
      </a>
      <a href="logout.php" class="btn btn-danger">Logout</a>    
    </div>
  </div>
</header>

<main role="main">

   <section class="jumbotron text-center">
    <div class="container">
      <h1 class="jumbotron-heading">Name of Requestee</h1>

        <button href="#" class="btn btn-primary my-2">Accept</button>
        <button href="#" class="btn btn-secondary my-2">Reject</button>
      </p>
    </div>
  </section>


<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
</body>
</html>

这是logout.php

<?php
session_start();
session_unset();
session_destroy();
header('Location: login.php');
?>

如果需要,这是我的session.php

    <?php
require("dbconnector.php");
    $error="";
    session_start();
    if(isset($_POST['submit'])){    
        require ('dbconnector.php');    
        $query = "SELECT * FROM user WHERE username = '{$_POST['username']}' AND password = '{$_POST['password']}'";
        $con = mysqli_query($conn, $query);
        if ($con->num_rows == 1){
            $row = mysqli_fetch_assoc($con);
            $_SESSION['user_role'] = $row['user_role'];

            mysqli_close($conn);
            if ($_SESSION['user_role'] == 'Admin'){
                header('Location: index-admin.php');
             }
            elseif($_SESSION['user_role'] == 'Student') {
                header('Location: index.php');
            }
        }   
        else{
            $error = "ID Number or Password is Invalid";
            header("refresh: 5");
        }
     }
?>

1 个答案:

答案 0 :(得分:0)

您需要在客户端正确销毁会话和会话的cookie。我建议不要在登录页面上写这个,而应该在特定页面(例如logout.php)上写,该页面将重定向到login.html。

<?php 
    session_start(); // Start by calling the session.
    $_SESSION = array(); // Reset the session's variables.
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]); //Invalids session's cookie.
    session_destroy(); //Finally destroy it.
    //If you want to redirect
    header("Location: <URL>");
?>