我创建了一个控制用户登录和注销的功能,如下所示:
<?php
if (!defined('BASEPATH'))
exit('No direct script access allowed');
class Control_auth extends CI_Controller {
public function __construct() {
parent::__construct();
$this->load->library(array('session'));
$this->load->helper('url');
$this->load->model('model_user');
session_start();
}
public function index() {
$this->load->view('view_login');
}
public function check_login() {
$data = array('username' => $this->input->post('username'),
'password' => $this->input->post('password')
);
$hasil = $this->model_user->check_user($data);
if ($hasil->num_rows() == 1) {
$akses = $this->input->post('level');
foreach ($hasil->result() as $sess) {
$sess_data['logged_in'] = 'logging';
$sess_data['username'] = $sess->username;
$sess_data['level'] = $sess->level;
$this->session->set_userdata($sess_data);
}
/* administrator */
if ($this->session->userdata('level') == 1 && $akses == 'Administrator') {
redirect('administrator/control_admin');
} else {
echo " <script>alert('Gagal Login: Pilih Hak Akses');history.go(-1);</script>";
}
/* member */
if ($this->session->userdata('level') == 4 && $akses == 'User') {
redirect('control_member');
}
} else { //false
echo " <script>alert('Gagal Login: Cek username , password, dan hak akses Anda !');history.go(-1);</script>";
}
}
public function logout() {
$this->session->unset_userdata(array('username' => '', 'logged_in' => FALSE));
$this->session->userdata = array();
$this->session->sess_destroy();
redirect('control_auth');
}
}
问题是,当我退出时,它只是重定向到登录页面。因此,在像Firefox这样的浏览器中,当点击箭头历史记录时,它仍然可以访问主页面。任何解决方案都会受到影响......
答案 0 :(得分:0)
您必须在control_admin函数中添加此代码,以检查此用户是否已登录。
if(!empty($this->session->userdata['username'])){
//add your code here if logged in
$this->load->view('yourpagename');
}else{
redirect('control_auth');
}
答案 1 :(得分:0)
注销时清除缓存
header("Cache-Control: no-cache, no-store, must-revalidate");
header("Pragma: no-cache");
header("Expires: 0");
答案 2 :(得分:0)
将此代码添加到每个管理控制器中,以进行登录验证。
//check login status if not login user will redirect to htt://heloo.com/dboxadmin.php
if(($this->session->userdata('username')!=NULL)&&($this->session->userdata('level')!=NULL)){
//user already login
//add filtering query by level user. $this->session->userdata('level');
}else{
redirect("dboxadmin.php"); //your login controller
}
//login controller
if(($this->session->userdata('username')!=NULL)&&($this->session->userdata('level')!=NULL)){
//user already login and redirect to dashboard
redirect("dashboard.php");
}else{
//add code for check, if post call login query
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
//your login query
}else{
//show login form
$this->load->view('login-form');
}
}
//logout controller add
$this->session->sess_destroy();
redirect("dboxadmin.php"); //your login controller
阅读本文档:https://ellislab.com/codeigniter/user-guide/libraries/sessions.html
答案 3 :(得分:0)
添加
session_destroy();
并尝试....
答案 4 :(得分:0)
通过帮助完成整个过程。请查看链接https://stackoverflow.com/questions/29667810/session-timeout-in-codeigniter,不要忘记重命名$ config [&#39; sess_cookie_name&#39;]