用户自行注销

时间:2011-11-12 18:57:13

标签: php authentication cookies logout

我在项目中的登录脚本上遇到了一个奇怪的问题。

问题是:点击页面上的其他链接时,用户有时(通常是在最初几次尝试时)会被自动注销。例如,用户登录后点击“主页”链接,就会发现该用户已不再处于登录状态。

其他时候,用户仍然保持登录状态,并且单击“主页”或“用户帐户”链接可以完美地运行。

以下是我的登录脚本代码,有人能看出它有什么问题吗?

P.S. 补充一点:auth 类的对象是在文件 config.php 中初始化的,而 auth 类本身的代码放在另一个文件夹下的文件里;该文件夹与登录脚本位于同一目录中。问题会不会与此有关?

<?php


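// Bootstrap: load shared variables and configuration. The script below uses
// $auth and $xview without defining them, so they are presumably created by
// these includes -- confirm.
require_once("initvars.inc.php");
require_once("config.inc.php");

// The debug statement `echo "ltest1";` that stood here has been removed. Any
// output sent before header() makes PHP refuse to send further headers
// ("headers already sent") unless output buffering is enabled, so the
// post-login redirect below could fail.
// NOTE(review): if $auth->login()/logout() set or clear cookies (their code is
// not visible here), early output would break those too -- confirm.

// Status message rendered further down; stays empty when no action ran.
$msg = '';

// Pre-fill value for the login field, read from the "try_user" cookie.
// Cookies are client-controlled, so accept only a bounded string (same
// 100-byte limit as the other inputs) and HTML-escape it wherever it is printed.
$username = null;
if (isset($_COOKIE['try_user']) && is_string($_COOKIE['try_user']) && strlen($_COOKIE['try_user']) < 100) {
    $username = $_COOKIE['try_user'];
}

// Query-string inputs for the e-mail link flows (account approval and
// password reset). Non-string values (e.g. arrays from "?passkey[]=") become null.
$approve_passkey = (isset($_GET['apasskey']) && is_string($_GET['apasskey'])) ? $_GET['apasskey'] : null;
$passkey = (isset($_GET['passkey']) && is_string($_GET['passkey'])) ? $_GET['passkey'] : null;
$get_email = (isset($_GET['email']) && is_string($_GET['email']) && strlen($_GET['email']) < 100) ? $_GET['email'] : null;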

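// Request dispatcher: exactly one branch runs per request and leaves a
// human-readable status in $msg. $msg is later printed as raw HTML, so every
// user-supplied value placed into it must be encoded here.
if( isset($_GET['logout'] ) ){
    //Logout user
    // NOTE(review): logout is triggered by a bare GET parameter, so a
    // cross-site request can end the session (logout CSRF). Consider requiring
    // POST plus an anti-CSRF token.
    $auth->logout();
}
elseif( isset($_POST['do_login'] ) ){//Login user
    // Inputs must be strings shorter than 100 bytes; anything else becomes null.
    $email = (isset($_POST['login']) && is_string($_POST['login']) && strlen($_POST['login'])<100)?$_POST['login'] : null;
    $password  = (isset($_POST['password']) && is_string($_POST['password']) && strlen($_POST['password'])<100)?$_POST['password'] : null;
    $remember  = isset($_POST['chkremember']);

    $result = $auth->login($email, $password, $remember);
    switch($result){
        case 1:
            // Stop after the redirect so no form markup is rendered for a logged-in request.
            header("location: index.php?view=myaccount");
            die('You have successfully logged in.');
        case 2:
            // The address came from the request body. rawurlencode() leaves only
            // unreserved characters and %XX escapes, which is safe both as a
            // query-string value and inside the double-quoted href attribute;
            // the original concatenated $email unencoded (reflected XSS).
            $msg = 'Your account has not yet been confirmed. <br/> Please check the e-mail message sent by us and click the confirmation code to validate this account. <a href="user_login.php?view=resend&resend_email='.rawurlencode((string) $email).'">resend activation e-mail</a>';
            break;
        // NOTE(review): codes 2-4 return distinct messages, which tells a caller
        // whether an account exists and what state it is in (account
        // enumeration). A single generic failure message avoids that.
        case 3: $msg = 'Your account is not enabled!';  break;
        case 4: $msg = 'Account with given login credentials does not exist!';  break;
    }
}
elseif( isset($_POST['lostpw'] ) ){//Send confirm e-mail
    $email = (isset($_POST['login']) && is_string($_POST['login']) && strlen($_POST['login'])>5 && strlen($_POST['login'])<100)?$_POST['login'] : null;

    $result = $auth->lost_pw_step1($email);
    // NOTE(review): code 0 versus code 1 reveals whether an address is
    // registered; answering identically in both cases avoids enumeration.
    switch($result){
        case 0: $msg = 'Could not find account associed with given e-mail!';    break;
        case 1: $msg = 'E-mail containing further instructions has been sent to your e-mail';   break;
        case 2: $msg = 'Could not generate password recover code, please try again!';   break;
        case 3: $msg = 'Could not send E-mail to your e-mail, please try again!';   break;
    }
}
elseif( isset($_GET['resend_email'] ) ){//Send confirm e-mail
    // NOTE(review): this sends mail in response to a GET request with no
    // visible rate limit or CSRF protection -- confirm the auth class throttles it.
    $email = (is_string($_GET['resend_email']) && strlen($_GET['resend_email'])>5 && strlen($_GET['resend_email'])<100)?$_GET['resend_email'] : null;

    $result = $auth->resend_activation_email($email);
    switch($result){
        case 0: $msg = 'Could not find unactivated account associed with given e-mail!';    break;
        case 1: $msg = 'E-mail containing further instructions has been sent to your e-mail';   break;
        case 2: $msg = 'Could not set a new password, confirm code for you, please try again!'; break;
        case 3: $msg = 'Could not send E-mail to your e-mail, you\'ll have to repeat a process!';   break;
    }
}
elseif( $passkey && $get_email ){//reset pw, and send it to user
    // NOTE(review): per the messages below, this step replaces the password and
    // mails the new one in plaintext. Letting the user choose a password after
    // presenting a single-use, expiring token is the stronger design.
    $result = $auth->lost_pw_step2($passkey, $get_email);
    switch($result){
        case 0: $msg = 'Could not find account associed with given e-mail!';    break;
        case 1: $msg = 'E-mail containing your new password has been sent to your e-mail!'; break;
        case 2: $msg = 'Could not set a new password for you!'; break;
        case 3: $msg = 'Could not send E-mail to your e-mail, you\'ll have to repeat a process!';   break;
    }
}
elseif( $approve_passkey && $get_email ){//approve account
    $result = $auth->approve_account($approve_passkey, $get_email);
    switch($result){
        case 0: $msg = 'Wrong params inputed!'; break;
        case 1: $msg = 'Your account has been approved!';   break;
        case 2: $msg = 'Could not approve account for you!';    break;
        // The original repeated "case 2" here, which made this message
        // unreachable. NOTE(review): 3 is assumed from the 0-3 pattern of the
        // other switches -- confirm against approve_account()'s return codes.
        case 3: $msg = 'Your account is already approved!'; break;
    }
}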

//print_r($_POST);

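// Render the status block only when a message was set. The original wrote
// `if( $msg ) ?>`: the closing tag acts as a statement terminator, so the `if`
// guarded nothing and the spacer plus an empty <div> were printed on every request.
if( $msg ) { ?>


<br />  <br />   

<?php

    // $msg is markup assembled by the dispatch code above (one message embeds a
    // link), so it is printed as-is. Any request-derived value must therefore be
    // encoded at the point where the message is built, not here.
    echo '<div class="mediumblack">'.$msg.'</div>';

}
?>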

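<?php
// Login view: greet an already-authenticated user, otherwise render the login form.
if($xview=='login') {
    if($auth->id) {
        // The address is account data that originated from user input, so it is
        // HTML-escaped before being written into the page.
?>
    <h1>Hi, <?php echo htmlspecialchars((string) $auth->email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h1>
<?php
    } else {
        // NOTE(review): the form carries no anti-CSRF token; consider adding one
        // that the login handler verifies.
?>
<form name="form1" method="post" name="login" action="index.php?view=login" onsubmit="return check_login()">
<input type="hidden" name="do_login" value="1" />
<div id="login_box" style="width:450px;margin-left:auto;margin-right:auto;">
    <h1>Member Login</h1>

    <p class="clear">
        <label for="login" style="min-width:150px;display:block;">Email :</label>
        <?php /* $username is read from the client-controlled "try_user" cookie; escape it for the attribute context. */ ?>
        <input type="text" name="login" id="login" class="g_input" value="<?php echo htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"  onMouseOver=""  style="width:150px" required="required" />
    </p>
    <p class="clear">
        <label for="password" style="min-width:150px;display:block;">Password :&nbsp;</label>
        <input type="password" name="password" id="password" class="g_input" value="" onClick="" style="width:150px" required="required" />
    </p>
    <p>
        <input type="submit" class="g_input b_orange" id="submit" value=" Login " >
        &nbsp; 
        <input type="checkbox" name="chkremember"  id="chkremember" class="g_input" <?php if( isset( $_COOKIE['try_user'])) echo "checked=\"checked\""; ?> />
        &nbsp;Remember me
    </p>
    <p style="text-align:center">
            <a href="index.php?view=register">Sign up&nbsp;</a>
            &nbsp;&nbsp;
            <a href="index.php?view=lostpw">Forgot Password</a>
    </p>
</div>
</form>
<?php
    }
}
?>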



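<?php 

/* Recover-password view. The form is shown only when the view is "lostpw",
   the form has not just been submitted (no GetNewPass field) and the request
   is not a reset link (passkey + email in the query string); those cases are
   handled by the dispatch code earlier in the script. */

if($xview=='lostpw' && !isset($_POST['GetNewPass']) && !($passkey && $get_email)) {
    if($auth->id) {
        // Account data is HTML-escaped before it is written into the page.
?>
    <h1>Hi, <?php echo htmlspecialchars((string) $auth->email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h1>
<?php
    } else {
        // NOTE(review): no anti-CSRF token or visible rate limit on this form,
        // so third parties can trigger recovery mail for any address -- confirm
        // that the auth class throttles requests.
?>
<form name="form1" method="post" name="login" action="index.php?view=lostpw">
<input type="hidden" name="lostpw" value="1" />
<div id="login_box" style="width:450px;margin-left:auto;margin-right:auto;">
    <h1>Recover Password</h1>

    <p class="clear">
            <label for="login" style="min-width:150px;display:block;">Email :</label>
            <input type="text" name="login" id="login" class="g_input" value=""  onMouseOver=""  style="width:150px" required="required" />
    </p>
    <p>
        <input type="submit" class="g_input b_orange" name="GetNewPass" value=" GetNewPass " >
    </p>
    <p style="text-align:center">
            <a href="index.php?view=register">Sign up&nbsp;</a>
            &nbsp;&nbsp;
            <a href="index.php?view=login">Login</a>
    </p>
</div>
</form>
<?php
    }
}
?>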


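<?php
// Resend-activation view: greet an authenticated user, otherwise render the form.
if($xview=='resend_email') {
    if($auth->id) {
        // Account data is HTML-escaped before it is written into the page.
?>
    <h1>Hi, <?php echo htmlspecialchars((string) $auth->email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h1>
<?php
    } else {
        // NOTE(review): the form submits with GET, so the address ends up in the
        // URL (browser history, server logs, Referer headers) and a mail-sending
        // action runs on a GET request. Switching to POST would also require the
        // handler to read $_POST['resend_email'] instead of $_GET.
?>
<form name="form1" method="get" name="login" action="index.php">
<input type="hidden" name="view" value="resend_email" />
<div id="login_box" style="width:450px;margin-left:auto;margin-right:auto;">
    <h1>Resend confirm e-mail</h1>

    <p class="clear">
        <label for="resend_email" style="min-width:150px;display:block;">Email :</label>
        <input type="text" name="resend_email" id="resend_email" class="g_input" value=""  onMouseOver=""  style="width:150px" required="required" />
    </p>
    <p>
        <input type="submit" class="g_input b_orange" id="submit" value=" Submit " >
    </p>
    <p style="text-align:center">
            <a href="index.php?view=register">Sign up&nbsp;</a>
            &nbsp;&nbsp;
            <a href="index.php?view=login">Login</a>
    </p>
</div>
</form>
<?php
    }
}
?>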

0 个答案:

没有答案