Php 注销脚本不工作
请帮助我完成注销脚本。我为愚蠢的错误感到抱歉,我对php非常陌生。请向我提供如何修复此问题的详细信息和示例。非常感谢你 登录页面:有4种类型的用户。每个用户将获得一个单独的主页Php 注销脚本不工作,php,mysql,Php,Mysql,请帮助我完成注销脚本。我为愚蠢的错误感到抱歉,我对php非常陌生。请向我提供如何修复此问题的详细信息和示例。非常感谢你 登录页面:有4种类型的用户。每个用户将获得一个单独的主页 <?php session_start(); require_once('common/config.php'); if(isset($_POST['username'])) { $username = $_POST['username']; $password = $_POST['passw
<?php
session_start();
require_once('common/config.php');
if(isset($_POST['username']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM `users` WHERE username='".$username."' and password='".$password."'";
$result = mysql_query($sql) or die(mysql_error());
$fetched = mysql_fetch_array($result);
if ($fetched['user_type'] == "admin")
{
header('location: adminhomepage.php');
}
else if ($fetched['user_type'] == "po")
{
header('location: pohomepage.php');
}
else if ($fetched['user_type'] == "pw")
{
header('location: pwhomepage.php');
}
else if ($fetched['user_type'] == "ps")
{
header('location: pshomepage.php');
}
else
{
header('location: invalid.php');
exit();
}
}
?>
<?php
session_start();
if (isset($_SESSION['username']) && ($_SESSION['username'] !== 1))
{
header('Location: login.php');
}
?>
注销页面-
<?php
session_start();
$_SESSION['username'] =0;
?>
您必须先启动会话
,然后才能访问该会话。注销页面
在您的logout.php
中,请更新此代码
<?php
session_start();
if(isset($_SESSION['username']))
{
unset($_SESSION['username']);
header('Location: login.php');
}
?>
使用unset($\u SESSION['susername'])或SESSION\u destroy编辑:
根据您的新信息,很明显您从未实际设置$\u SESSION['username']值
if ($fetched['user_type'] == "admin")
{
$_SESSION['username'] = $username;
header('location: adminhomepage.php');
}
else if ($fetched['user_type'] == "po")
{
$_SESSION['username'] = $username;
header('location: pohomepage.php');
}
else if ($fetched['user_type'] == "pw")
{
$_SESSION['username'] = $username;
header('location: pwhomepage.php');
}
else if ($fetched['user_type'] == "ps")
{
$_SESSION['username'] = $username;
header('location: pshomepage.php');
}
else
{
header('location: invalid.php');
}
exit();
你的问题在于你的比较
if ($_SESSION['username'] != 1)
如果未设置$\u会话['username'],则为空、字符串、false等,则为真
这可能更符合你的要求
if (isset($_SESSION['username']) && is_string($_SESSION['username']) && strlen($_SESSION['username']))
您需要在这里修复SQL注入问题
$sql = "SELECT * FROM `users` WHERE username='".$username."' and password='".$password."'";
用适当的准备语句转义变量或使用PDO
您还应该将密码存储为。获取用户,将存储的哈希值与密码进行比较
在注销页面中添加session\u start()
,是否应不更改主页?我现在无法登录到主页。继续接收登录页。您只想注销脚本。在homw页面中设置任何会话,最后一次破坏它。但是如果你想回页问题,我给你登录,然后如果你退出,然后返回,它需要先登录。我似乎无法登录到主页。当我输入login时,登录页面会一直刷新。@Zazu在检查是否设置之前,您必须将$\u SESSION['username']的值设置为某个值。请给我一个示例说明您的意思。我对这个很陌生。抱歉。@Zazu noone可以在没有更多代码信息的情况下帮助您。在您的流程中,您在哪里处理登录表单并设置$\u会话['username']值?“我建议你提出一个新问题。”扎祖为你的新细节补充了一个更好的回答。
if ($fetched['user_type'] == "admin")
{
$_SESSION['username'] = $username;
header('location: adminhomepage.php');
}
else if ($fetched['user_type'] == "po")
{
$_SESSION['username'] = $username;
header('location: pohomepage.php');
}
else if ($fetched['user_type'] == "pw")
{
$_SESSION['username'] = $username;
header('location: pwhomepage.php');
}
else if ($fetched['user_type'] == "ps")
{
$_SESSION['username'] = $username;
header('location: pshomepage.php');
}
else
{
header('location: invalid.php');
}
exit();
if ($_SESSION['username'] != 1)
if (isset($_SESSION['username']) && is_string($_SESSION['username']) && strlen($_SESSION['username']))
$sql = "SELECT * FROM `users` WHERE username='".$username."' and password='".$password."'";
if (!password_verify($password, $fetched["password"])) {/* wrong password, show error or something */}