注销需要帮助(注销不完美) [英] need help with logout (logout not perfect)

查看:55
本文介绍了注销需要帮助(注销不完美)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

大家好,


我写了一个登录/注销代码。它做了它应该做的但是

问题是当我退出并按下浏览器的后退按钮时(在

Firefox中),我到了上次登录页面。在IE中,当我按回

按钮时,我会进入页面已过期的页面。但Firefox确实没有这样做。
不这样做。


我认为这与会话未正确设置或

有关类似的东西,但我还没能弄明白。我是

附上我的代码和数据库结构如下。如果您需要更多信息,

请给我发电子邮件。我真的希望尽快解决这个问题。我已经玩了很长时间的

。谢谢!


登录课程:

-----------------


class登录{

// var $ loginflag;

// var $ db_connect;


功能登录( ){

// $ this - > db_connect = $ db_connect;


if(!isset($ _ SESSION [''uid''])| | $ _SESSION [''uid''] == 0){

$ this-> set_session_defaults();

echo"登录类内< br /> ;" ;;

}

}


函数check_login($ username,$ password){

global $ db;

$ link = $ db-> connectDB();


if($ _SESSION [''logged'']) {

$ this-> check_session();

echo" logged ...< br />";

返回true;

} else {

$ username = mysql_escape_string($ username);

$ query =" SELECT * FROM users WHERE username =''$ username''AND

AES_DECRYPT(密码,''dreamfilmslogin438ismbtsx'') =''$ password''" ;;

$ result = mysql_query($ query,$ link)或死(无法选择);


if(mysql_num_rows($ result)){

$ this-> set_session($ username = mysql_fetch_assoc($ result),true);

返回$ username [ ''用户名''];

}其他{

$ this-> failed = true;

session_destroy();

返回false;

}

}

}


function check_session( ){

global $ db;

$ link = $ db-> connectDB();


$ username = mysql_escape_string ($ _SESSION [ '' 用户名 '']);

$令牌=函数mysql_escape_string($ _ SESSION [ '' 令牌 '']);

$会话=函数mysql_escape_string(SESSION_ID ());

$ ip = mysql_escape_string($ _ SERVER [''REMOTE_ADDR'']);


$ query =" SELECT * FROM users WHERE username =''{$ username}''AND

token =''{$ token}''AND session =''{$ session} ''AND ip =''{$ ip}''" ;;

$ result = mysql_query($ query,$ link)或死(无法选择);

echo" check session:< br />" ;;

print_r($ result);

echo"< br /> " ;;

if($ result!= false){

} else {

$ this-> logout();

}

}


函数set_session_defaults(){

// session_start();

//// session_register(" logged"," uid"," username");

$ _SESSION [''logged''] = false;

$ _SESSION [''uid''] = 0;

$ _SESSION [''username''] ='''';

}


函数set_session($ result,$ init = true){

global $ db;

$ link = $ db-> ; connectDB();


if($ init){

// session_start();

$ session = mysql_escape_string( session_id());

$ ip = mysql_escape_string($ _ SERVER [''REM OTE_ADDR'']);

$ result [''token''] = $ this-> token(); //生成一个新令牌

$ query =" UPDATE users SET session =''{$ session}'',

token =''{$ result [' 'token'']}'',ip =''{$ ip}''WHERE uid =''{$ result [''uid'']}''" ;;

mysql_query( $ query,$ link)或死(无法选择);

$ _SESSION [''logged''] = true;

$ _SESSION ['' uid''] = $ result [''uid''];

$ _SESSION [''username''] = $ result [''username''];

echo" set session:< br />" ;;

print_r($ result);

echo"< br />" ;;

echo" session:"。$ session。"< br />" ;;

echo" ip:"。$ ip。" ;< br />" ;;

}

}


函数令牌(){

//生成随机令牌

for($ i = 1; $ i< 33; $ i ++){

$ seed。= chr(rand(0,255) ));

}

返回md5($ seed);

}


函数logout(){

global $ db;

$ link = $ db-> connectDB();


$ query =" UPDATE users SET session ='''',token ='''',ip =''''WHERE

uid =''{$ _SESSION [''uid'']}''" ;;

mysql_query($ query,$ link)或死(无法选择);

mysql_close ($ link);

unset($ _ SESSION [''username'']);

unset($ _ SESSION [''logged'']);

unset($ _ SESSION [''uid'']);

// kill会话变量

$ _SESSION = array(); //重置会话数组

session_destroy();


/ ** $ this-> set_session_defaults();

session_destroy (); ***** /


echo"退出...< br />" ;;

返回true; < br $>
}

} //结束课程登录


DBAccess课程

------ -------------------

类DBAccess {

var $ _login;


//构造函数

函数DBAccess(){

$ this -_login = array();

$ this -_login [ ''db_loginid''] =" testuser";

$ this -_login [''db_password''] ="" ;;

$ this -_login [ ''hostname''] =" localhost";

$ this -_login [''db_name''] =" dblogin";

}


函数connectDB(){

if(!($ link = @mysql_connect($ this-> _login [''hostname''],

$ this-> _login [''db_loginid''],$ this-> _login [''db_passwor d'']))){

echo"< strong>无法连接:& nbsp;< / strong>" .mysql_error()。"< br

/>< hr size =''1''/>< br />" ;;

}否则if(!@mysql_select_db($ this-) > _login [''db_name''],$ link)){

echo"无法选择数据库';

}

if($ link){

返回$ link;

}

} //结束connectDB()

} // end class DB_Access

数据库结构

-------------------------- -

CREATE TABLE`users`(

`uid`int(11)NOT NULL auto_increment,

`username`varchar(20) NOT NULL默认'''',

`password` varchar(50)NOT NULL默认'''',

`token` varchar(100)NOT NULL default' ''',

`session`varchar(100)NOT NULL默认'''',

`ip` varchar(20)NOT NULL默认'''',

PRIMARY KEY(`uid`),

UNI QUE KEY`username`(`username`)

)ENGINE = InnoDB DEFAULT CHARSET = latin1 AUTO_INCREMENT = 2;

Hi all,

I''ve written a login/logout code. It does what it''s supposed to do but
the problem is when I logout and press browser''s back button (in
Firefox), I get to the last login page. In IE, when I press back
button, I get to the page that says "Page has Expired" but Firefox does
not do this.

I think it''s something to do with sessions not properly unset or
something like that but I haven''t been able to figure it out. I am
attaching my codes and database structure below. If you need more info,
please email me. I really want this to be fixed asap. I''ve played with
this long enough. Thanks!

Login class:
-----------------

class Login {
//var $loginflag;
//var $db_connect;

function Login() {
//$this ->db_connect = $db_connect;

if (!isset($_SESSION[''uid'']) || $_SESSION[''uid''] == 0) {
$this->set_session_defaults();
echo "inside login class<br />";
}
}

function check_login($username, $password) {
global $db;
$link=$db->connectDB();

if ($_SESSION[''logged'']) {
$this->check_session();
echo "logged...<br />";
return true;
} else {
$username = mysql_escape_string($username);
$query = "SELECT * FROM users WHERE username = ''$username'' AND
AES_DECRYPT(password, ''dreamfilmslogin438ismbtsx'') = ''$password''";
$result = mysql_query($query, $link) or die("Could not select");

if (mysql_num_rows($result)) {
$this->set_session($username = mysql_fetch_assoc($result), true);
return $username[''username''];
} else {
$this->failed = true;
session_destroy();
return false;
}
}
}

function check_session() {
global $db;
$link=$db->connectDB();

$username = mysql_escape_string($_SESSION[''username'']);
$token = mysql_escape_string($_SESSION[''token'']);
$session = mysql_escape_string(session_id());
$ip = mysql_escape_string($_SERVER[''REMOTE_ADDR'']);

$query = "SELECT * FROM users WHERE username=''{$username}'' AND
token=''{$token}'' AND session=''{$session}'' AND ip=''{$ip}''";
$result = mysql_query($query, $link) or die("Could not select");
echo "check session:<br />";
print_r($result);
echo "<br />";
if ($result != false) {
} else {
$this->logout();
}
}

function set_session_defaults() {
//session_start();
////session_register("logged", "uid", "username");
$_SESSION[''logged''] = false;
$_SESSION[''uid''] = 0;
$_SESSION[''username''] = '''';
}

function set_session($result,$init = true) {
global $db;
$link=$db->connectDB();

if ($init) {
//session_start();
$session = mysql_escape_string(session_id());
$ip = mysql_escape_string($_SERVER[''REMOTE_ADDR'']);
$result[''token''] = $this->token(); // generate a new token
$query = "UPDATE users SET session=''{$session}'',
token=''{$result[''token'']}'', ip=''{$ip}'' WHERE uid=''{$result[''uid'']}''";
mysql_query($query, $link) or die("Could not select");
$_SESSION[''logged''] = true;
$_SESSION[''uid''] = $result[''uid''];
$_SESSION[''username''] = $result[''username''];
echo "set session:<br />";
print_r($result);
echo "<br />";
echo "session: ".$session."<br />";
echo "ip: ".$ip."<br />";
}
}

function token() {
// generate a random token
for($i=1;$i<33;$i++) {
$seed .= chr(rand(0,255));
}
return md5($seed);
}

function logout() {
global $db;
$link=$db->connectDB();

$query = "UPDATE users SET session='''', token='''', ip='''' WHERE
uid=''{$_SESSION[''uid'']}''";
mysql_query($query, $link) or die("Could not select");
mysql_close($link);
unset($_SESSION[''username'']);
unset($_SESSION[''logged'']);
unset($_SESSION[''uid'']);
// kill session variables
$_SESSION = array(); // reset session array
session_destroy();

/**$this->set_session_defaults();
session_destroy();*****/

echo "logged out...<br />";
return true;
}
} // end class Login

DBAccess class
-------------------------
class DBAccess {
var $_login;

// Constructor
function DBAccess() {
$this -_login = array();
$this -_login[''db_loginid''] = "testuser";
$this -_login[''db_password''] = "";
$this -_login[''hostname''] = "localhost";
$this -_login[''db_name''] = "dblogin";
}

function connectDB() {
if (!($link = @mysql_connect($this->_login[''hostname''],
$this->_login[''db_loginid''], $this->_login[''db_password'']))) {
echo "<strong>Could not connect:&nbsp;</strong>".mysql_error()."<br
/><hr size=''1'' /><br />";
} else if (!@mysql_select_db($this->_login[''db_name''],$link)) {
echo "Could not select database";
}
if ($link) {
return $link;
}
} // end connectDB()
} // end class DB_Access
database structure
----------------------------
CREATE TABLE `users` (
`uid` int(11) NOT NULL auto_increment,
`username` varchar(20) NOT NULL default '''',
`password` varchar(50) NOT NULL default '''',
`token` varchar(100) NOT NULL default '''',
`session` varchar(100) NOT NULL default '''',
`ip` varchar(20) NOT NULL default '''',
PRIMARY KEY (`uid`),
UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

推荐答案

loginflag;

// var
loginflag;
//var


db_connect;


函数登录(){

//
db_connect;

function Login() {
//


this - > db_connect =
this ->db_connect =


这篇关于注销需要帮助(注销不完美)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆