Php 登录页面会话信息防止双重登录
因此,我试图通过禁用登录页面来阻止用户登录两次,如果他们能够成功登录的话 在我的页面顶部,我有:Php 登录页面会话信息防止双重登录,php,session,session-variables,Php,Session,Session Variables,因此,我试图通过禁用登录页面来阻止用户登录两次,如果他们能够成功登录的话 在我的页面顶部,我有: <?php session_start(); if($_SESSION['loggedin'] != true){ run page... } else { echo "You are already logged in! If you believe this in a error, please let us know. Thanks!"; } ?> 在我的登录页面上,我有
<?php
session_start();
if($_SESSION['loggedin'] != true){
run page...
}
else {
echo "You are already logged in! If you believe this in a error, please let us know. Thanks!";
}
?>
在我的登录页面上,我有:
session_regenerate_id();
$_SESSION['sess_user_id'] = $id;
$_SESSION['sess_username'] = $xusername;
$_SESSION['sess_gender'] = $gender;
$_SESSION['sess_homelat'] = $homelat;
$_SESSION['sess_homelng'] = $homelng;
$_SESSION['loggedin'] = true;
但这似乎不是问题所在
我正在本地开发,如果这改变了什么
编辑:目前的解决方案似乎是删除cookie,如下所示 您可以将会话变量清除到
会话\u destroy
。您将希望改为执行以下操作:
session_start();
$_SESSION = array();
session_destroy();
,您还可以删除会话cookie,以确保所有内容都已完全销毁:
session_start();
$_SESSION = array();
$_SESSION['loggedin'] = false; // Just in case
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
session_destroy();
在您的登录页面上,您是否有
$\u会话['loggedin']=true代码>是否被任何if语句包围?通过添加die('loggedin会话变量已设置!'),检查是否无意中设置了它代码>就在后面。谢谢,我试试看。更改顺序没有任何作用(尽管它确实有意义)。@ambe5960可能在您未意识到的情况下,正在其他地方设置会话['loggedin']
?如果您尝试$\u SESSION['loggedin']=false代码>在$\u SESSION=array()之后代码>?如果这不起作用,肯定会有其他东西重置您的$\u会话['loggedin']
session_start();
$_SESSION = array();
$_SESSION['loggedin'] = false; // Just in case
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
session_destroy();