PHP登录注销问题

时间:2013-11-19 08:42:25

标签: php

我尝试编写php脚本进行登录并注销。登录工作正常,但问题是我退出后退回按钮后返回主页。

<?php
//Start session
session_start();

//Include database connection details
require_once('connection.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
    $str = @trim($str);
    if(get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    return mysql_real_escape_string($str);
}

//Sanitize the POST values
$username = clean($_POST['username']);
$password = clean($_POST['password']);

//Input Validations
if($username == '') {
    $errmsg_arr[] = 'Username missing';
    $errflag = true;
}
if($password == '') {
    $errmsg_arr[] = 'Password missing';
    $errflag = true;
}

//If there are input validations, redirect back to the login form
if($errflag) {
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    session_write_close();
    header("location: login.php");
    exit();
}

//Create query
$qry="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=mysql_query($qry) or die (mysql_error());

//Check whether the query was successful or not
if($result) {
    if(mysql_num_rows($result) > 0) {
        //Login Successful
        session_regenerate_id();
        $member = mysql_fetch_assoc($result);
        $_SESSION['EmpId'] = $member['EmployeeId'];
        $_SESSION['username'] = $member['username'];
        $_SESSION['password'] = $member['password'];
        session_write_close();
        header("location: ../MyInfo.php");
        //echo 'You are loged in';
        exit();
    }else {
        //Login failed
        $errmsg_arr[] = 'user name and password not found';
        $errflag = true;
        if($errflag) {
            $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
            session_write_close();
            header("location: login.php");
            exit();
        }
    }
}else {
    die("Query failed");
}
?>

<?php
session_start(); // start a session first, else you cannot destroy/unset it
session_unset();
session_destroy(); // destroy all sessions
header('location:login.php'); // redirect   
?>

我希望你能帮助我谢谢

3 个答案:

答案 0 :(得分:0)

您可以尝试这一点,在标题header('location:login.php?_k'.md5(tim()));

中添加了一些关键值 
    <?php
        session_start(); // start a session first, else you cannot destroy/unset it
        session_unset();
        session_destroy(); // destroy all sessions
        header('location:login.php?_k'.md5(tim())); // redirect   
    ?>

答案 1 :(得分:0)

您在检查会话是否有效吗?

从你的代码我会做

function checkIfLoggedIn()
{
   if (isset($_SESSION['username'])){ 
     header("Location:index.php");
   } else{
     header("Location:login.php");
   }
}

将该功能放在每页的顶部

答案 2 :(得分:0)

在每个php页面的顶部,检查用户是否已登录。如果没有,则应将其重定向到登录页面:

<?php 
      if(!isset($_SESSION['logged_in'])) : 
      header("Location: login.php");  
?>
相关问题
最新问题