刷新页面后会话被破坏

时间:2020-10-20 10:17:25

标签: php session session-variables

Login.php 

<?php
    session_start();
    
    $server = "localhost";
    $user = "...";
    $pass = "...";
    $database = "...";
    
    $verbindung = mysqli_connect($server, $user, $pass, $database)
            or die("Verbindung konnte nicht hergestellt werden.");
   
        $Email = $_POST["Email"];
        $Passwort = $_POST["Passwort"];
        
        $sql = "SELECT passwort FROM accounts WHERE email = '".$Email."'";
        $hashPasswort = mysqli_query($verbindung, $sql);
        $VerifyHash = mysqli_fetch_assoc($hashPasswort);

        if(password_verify($Passwort, $VerifyHash['passwort']))
        { 
            session_regenerate_id();
            $_SESSION['email'] = $Email;
            echo "<script type='text/javascript'>
            window.location.replace('...');
            </script>";
        }
        else
        {
        echo '<script type="text/javascript">
        window.location.replace("...");
        </script>';
        }
        
$return = mysqli_close($verbindung);
    if (!$return) {
      echo "<p>Die Verbindung mit dem Server konnte nicht geschlossen werden.</p>";
    }
?>

Index.php 

<?php
    session_start();
    if (!isset($_SESSION['email'])) {
        header('Location: Login.php?login=loginRequired');
        exit;
    }
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset='utf-8'>
        <meta name="viewport" content="width=device-width, initial-scale=0.85">
        <link rel="icon" type="image/png" href="../Bilder/favicon.ico"/>
        <meta http-equiv='X-UA-Compatible' content='IE=edge'>
        <title>Erste-Hilfe Kurs</title>
        <meta name='viewport' content='width=device-width, initial-scale=1'>
        <link rel='stylesheet' type='text/css' media='screen' href='../CSS/main.css'>
        <link rel='stylesheet' type='text/css' media='screen' href='../CSS/index.css'>
    </head>
    <body>
        <header>
            <div class="container">

                <a href="https://www.litec.ac.at/"><img src="../Bilder/Litec.png" alt="Litec" class="logo"></a>
                <a href="https://www.roteskreuz.at/home/"><img src="../Bilder/RotesKreuz2.png" alt="Litec" class="logo"></a>
                <nav>
                    <ul>
                        <li><a href="Index.php"><b><u>Home</u></b></a></li>
                        <li><a href="UeberUns.php">Über uns</a></li>
                        <li><a href="Anmeldung.php">Anmeldung</a></li>
                        <li><a href="Impressum.php">Impressum</a></li>
                        <li><a href="<?php session_destroy();?> Login.php">LOGOUT</a></li>
                    </ul>
                </nav>
            </div>
        </header>
        <label id="email"></label>
        <?php echo("{$_SESSION['email']}"."<br />");?>
    </body>
</html>

我制作了一个登录脚本,如果密码正确,它将打开Index.php网站。首次通过登录脚本打开Index.php网站时,一切正常,并设置了会话。但是,刷新页面后,会话将被破坏并且未设置。 那么,如何保存会话,以免刷新浏览器破坏会话?

1 个答案:

答案 0 :(得分:1)

index.php中的这一行破坏了您的会话:

<li><a href="<?php session_destroy();?> Login.php">LOGOUT</a></li>
                   ^^^^^^^^^^^^^^^^^

要实现注销过程,您可以链接到另一个php文件,然后在其中进行session_destroy();-例如。

相关问题
最新问题