我尝试编写php
脚本进行登录并注销。登录工作正常,但问题是我退出后退回按钮后返回主页。
<?php
//Start session
session_start();
//Include database connection details
require_once('connection.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$username = clean($_POST['username']);
$password = clean($_POST['password']);
//Input Validations
if($username == '') {
$errmsg_arr[] = 'Username missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
//If there are input validations, redirect back to the login form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: login.php");
exit();
}
//Create query
$qry="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=mysql_query($qry) or die (mysql_error());
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['EmpId'] = $member['EmployeeId'];
$_SESSION['username'] = $member['username'];
$_SESSION['password'] = $member['password'];
session_write_close();
header("location: ../MyInfo.php");
//echo 'You are loged in';
exit();
}else {
//Login failed
$errmsg_arr[] = 'user name and password not found';
$errflag = true;
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: login.php");
exit();
}
}
}else {
die("Query failed");
}
?>
<?php
session_start(); // start a session first, else you cannot destroy/unset it
session_unset();
session_destroy(); // destroy all sessions
header('location:login.php'); // redirect
?>
我希望你能帮助我谢谢
答案 0 :(得分:0)
您可以尝试这一点,在标题header('location:login.php?_k'.md5(tim()));
<?php
session_start(); // start a session first, else you cannot destroy/unset it
session_unset();
session_destroy(); // destroy all sessions
header('location:login.php?_k'.md5(tim())); // redirect
?>
答案 1 :(得分:0)
您在检查会话是否有效吗?
从你的代码我会做
function checkIfLoggedIn()
{
if (isset($_SESSION['username'])){
header("Location:index.php");
} else{
header("Location:login.php");
}
}
将该功能放在每页的顶部
答案 2 :(得分:0)
在每个php页面的顶部,检查用户是否已登录。如果没有,则应将其重定向到登录页面:
<?php
if(!isset($_SESSION['logged_in'])) :
header("Location: login.php");
?>