注销需要帮助(注销不完美) [英] need help with logout (logout not perfect)
问题描述
大家好,
我写了一个登录/注销代码。它做了它应该做的但是
问题是当我退出并按下浏览器的后退按钮时(在
Firefox中),我到了上次登录页面。在IE中,当我按回
按钮时,我会进入页面已过期的页面。但Firefox确实没有这样做。
不这样做。
我认为这与会话未正确设置或
有关类似的东西,但我还没能弄明白。我是
附上我的代码和数据库结构如下。如果您需要更多信息,
请给我发电子邮件。我真的希望尽快解决这个问题。我已经玩了很长时间的
。谢谢!
登录课程:
-----------------
class登录{
// var $ loginflag;
// var $ db_connect;
功能登录( ){
// $ this - > db_connect = $ db_connect;
if(!isset($ _ SESSION [''uid''])| | $ _SESSION [''uid''] == 0){
$ this-> set_session_defaults();
echo"登录类内< br /> ;" ;;
}
}
函数check_login($ username,$ password){
global $ db;
$ link = $ db-> connectDB();
if($ _SESSION [''logged'']) {
$ this-> check_session();
echo" logged ...< br />";
返回true;
} else {
$ username = mysql_escape_string($ username);
$ query =" SELECT * FROM users WHERE username =''$ username''AND
AES_DECRYPT(密码,''dreamfilmslogin438ismbtsx'') =''$ password''" ;;
$ result = mysql_query($ query,$ link)或死(无法选择);
if(mysql_num_rows($ result)){
$ this-> set_session($ username = mysql_fetch_assoc($ result),true);
返回$ username [ ''用户名''];
}其他{
$ this-> failed = true;
session_destroy();
返回false;
}
}
}
function check_session( ){
global $ db;
$ link = $ db-> connectDB();
$ username = mysql_escape_string ($ _SESSION [ '' 用户名 '']);
$令牌=函数mysql_escape_string($ _ SESSION [ '' 令牌 '']);
$会话=函数mysql_escape_string(SESSION_ID ());
$ ip = mysql_escape_string($ _ SERVER [''REMOTE_ADDR'']);
$ query =" SELECT * FROM users WHERE username =''{$ username}''AND
token =''{$ token}''AND session =''{$ session} ''AND ip =''{$ ip}''" ;;
$ result = mysql_query($ query,$ link)或死(无法选择);
echo" check session:< br />" ;;
print_r($ result);
echo"< br /> " ;;
if($ result!= false){
} else {
$ this-> logout();
}
}
函数set_session_defaults(){
// session_start();
//// session_register(" logged"," uid"," username");
$ _SESSION [''logged''] = false;
$ _SESSION [''uid''] = 0;
$ _SESSION [''username''] ='''';
}
函数set_session($ result,$ init = true){
global $ db;
$ link = $ db-> ; connectDB();
if($ init){
// session_start();
$ session = mysql_escape_string( session_id());
$ ip = mysql_escape_string($ _ SERVER [''REM OTE_ADDR'']);
$ result [''token''] = $ this-> token(); //生成一个新令牌
$ query =" UPDATE users SET session =''{$ session}'',
token =''{$ result [' 'token'']}'',ip =''{$ ip}''WHERE uid =''{$ result [''uid'']}''" ;;
mysql_query( $ query,$ link)或死(无法选择);
$ _SESSION [''logged''] = true;
$ _SESSION ['' uid''] = $ result [''uid''];
$ _SESSION [''username''] = $ result [''username''];
echo" set session:< br />" ;;
print_r($ result);
echo"< br />" ;;
echo" session:"。$ session。"< br />" ;;
echo" ip:"。$ ip。" ;< br />" ;;
}
}
函数令牌(){
//生成随机令牌
for($ i = 1; $ i< 33; $ i ++){
$ seed。= chr(rand(0,255) ));
}
返回md5($ seed);
}
函数logout(){
global $ db;
$ link = $ db-> connectDB();
$ query =" UPDATE users SET session ='''',token ='''',ip =''''WHERE
uid =''{$ _SESSION [''uid'']}''" ;;
mysql_query($ query,$ link)或死(无法选择);
mysql_close ($ link);
unset($ _ SESSION [''username'']);
unset($ _ SESSION [''logged'']);
unset($ _ SESSION [''uid'']);
// kill会话变量
$ _SESSION = array(); //重置会话数组
session_destroy();
/ ** $ this-> set_session_defaults();
session_destroy (); ***** /
echo"退出...< br />" ;;
返回true; < br $>
}
} //结束课程登录
DBAccess课程
------ -------------------
类DBAccess {
var $ _login;
//构造函数
函数DBAccess(){
$ this -_login = array();
$ this -_login [ ''db_loginid''] =" testuser";
$ this -_login [''db_password''] ="" ;;
$ this -_login [ ''hostname''] =" localhost";
$ this -_login [''db_name''] =" dblogin";
}
函数connectDB(){
if(!($ link = @mysql_connect($ this-> _login [''hostname''],
$ this-> _login [''db_loginid''],$ this-> _login [''db_passwor d'']))){
echo"< strong>无法连接:& nbsp;< / strong>" .mysql_error()。"< br
/>< hr size =''1''/>< br />" ;;
}否则if(!@mysql_select_db($ this-) > _login [''db_name''],$ link)){
echo"无法选择数据库';
}
if($ link){
返回$ link;
}
} //结束connectDB()
} // end class DB_Access
数据库结构
-------------------------- -
CREATE TABLE`users`(
`uid`int(11)NOT NULL auto_increment,
`username`varchar(20) NOT NULL默认'''',
`password` varchar(50)NOT NULL默认'''',
`token` varchar(100)NOT NULL default' ''',
`session`varchar(100)NOT NULL默认'''',
`ip` varchar(20)NOT NULL默认'''',
PRIMARY KEY(`uid`),
UNI QUE KEY`username`(`username`)
)ENGINE = InnoDB DEFAULT CHARSET = latin1 AUTO_INCREMENT = 2;
Hi all,
I''ve written a login/logout code. It does what it''s supposed to do but
the problem is when I logout and press browser''s back button (in
Firefox), I get to the last login page. In IE, when I press back
button, I get to the page that says "Page has Expired" but Firefox does
not do this.
I think it''s something to do with sessions not properly unset or
something like that but I haven''t been able to figure it out. I am
attaching my codes and database structure below. If you need more info,
please email me. I really want this to be fixed asap. I''ve played with
this long enough. Thanks!
Login class:
-----------------
class Login {
//var $loginflag;
//var $db_connect;
function Login() {
//$this ->db_connect = $db_connect;
if (!isset($_SESSION[''uid'']) || $_SESSION[''uid''] == 0) {
$this->set_session_defaults();
echo "inside login class<br />";
}
}
function check_login($username, $password) {
global $db;
$link=$db->connectDB();
if ($_SESSION[''logged'']) {
$this->check_session();
echo "logged...<br />";
return true;
} else {
$username = mysql_escape_string($username);
$query = "SELECT * FROM users WHERE username = ''$username'' AND
AES_DECRYPT(password, ''dreamfilmslogin438ismbtsx'') = ''$password''";
$result = mysql_query($query, $link) or die("Could not select");
if (mysql_num_rows($result)) {
$this->set_session($username = mysql_fetch_assoc($result), true);
return $username[''username''];
} else {
$this->failed = true;
session_destroy();
return false;
}
}
}
function check_session() {
global $db;
$link=$db->connectDB();
$username = mysql_escape_string($_SESSION[''username'']);
$token = mysql_escape_string($_SESSION[''token'']);
$session = mysql_escape_string(session_id());
$ip = mysql_escape_string($_SERVER[''REMOTE_ADDR'']);
$query = "SELECT * FROM users WHERE username=''{$username}'' AND
token=''{$token}'' AND session=''{$session}'' AND ip=''{$ip}''";
$result = mysql_query($query, $link) or die("Could not select");
echo "check session:<br />";
print_r($result);
echo "<br />";
if ($result != false) {
} else {
$this->logout();
}
}
function set_session_defaults() {
//session_start();
////session_register("logged", "uid", "username");
$_SESSION[''logged''] = false;
$_SESSION[''uid''] = 0;
$_SESSION[''username''] = '''';
}
function set_session($result,$init = true) {
global $db;
$link=$db->connectDB();
if ($init) {
//session_start();
$session = mysql_escape_string(session_id());
$ip = mysql_escape_string($_SERVER[''REMOTE_ADDR'']);
$result[''token''] = $this->token(); // generate a new token
$query = "UPDATE users SET session=''{$session}'',
token=''{$result[''token'']}'', ip=''{$ip}'' WHERE uid=''{$result[''uid'']}''";
mysql_query($query, $link) or die("Could not select");
$_SESSION[''logged''] = true;
$_SESSION[''uid''] = $result[''uid''];
$_SESSION[''username''] = $result[''username''];
echo "set session:<br />";
print_r($result);
echo "<br />";
echo "session: ".$session."<br />";
echo "ip: ".$ip."<br />";
}
}
function token() {
// generate a random token
for($i=1;$i<33;$i++) {
$seed .= chr(rand(0,255));
}
return md5($seed);
}
function logout() {
global $db;
$link=$db->connectDB();
$query = "UPDATE users SET session='''', token='''', ip='''' WHERE
uid=''{$_SESSION[''uid'']}''";
mysql_query($query, $link) or die("Could not select");
mysql_close($link);
unset($_SESSION[''username'']);
unset($_SESSION[''logged'']);
unset($_SESSION[''uid'']);
// kill session variables
$_SESSION = array(); // reset session array
session_destroy();
/**$this->set_session_defaults();
session_destroy();*****/
echo "logged out...<br />";
return true;
}
} // end class Login
DBAccess class
-------------------------
class DBAccess {
var $_login;
// Constructor
function DBAccess() {
$this -_login = array();
$this -_login[''db_loginid''] = "testuser";
$this -_login[''db_password''] = "";
$this -_login[''hostname''] = "localhost";
$this -_login[''db_name''] = "dblogin";
}
function connectDB() {
if (!($link = @mysql_connect($this->_login[''hostname''],
$this->_login[''db_loginid''], $this->_login[''db_password'']))) {
echo "<strong>Could not connect: </strong>".mysql_error()."<br
/><hr size=''1'' /><br />";
} else if (!@mysql_select_db($this->_login[''db_name''],$link)) {
echo "Could not select database";
}
if ($link) {
return $link;
}
} // end connectDB()
} // end class DB_Access
database structure
----------------------------
CREATE TABLE `users` (
`uid` int(11) NOT NULL auto_increment,
`username` varchar(20) NOT NULL default '''',
`password` varchar(50) NOT NULL default '''',
`token` varchar(100) NOT NULL default '''',
`session` varchar(100) NOT NULL default '''',
`ip` varchar(20) NOT NULL default '''',
PRIMARY KEY (`uid`),
UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
推荐答案
loginflag;
// var
loginflag;
//var
db_connect;
函数登录(){
//
db_connect;
function Login() {
//
this - > db_connect =
this ->db_connect =
这篇关于注销需要帮助(注销不完美)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!