如何终止PHP会话? [英] How do I kill a PHP session?
问题描述
我正在编写一个社交网站,并且试图找出PHP会话.在登录页面的顶部,我调用session_destroy(),并在新用户正式注册为用户的页面和用户主页上调用session_start().当用户注销时,他们将链接到具有session_destroy的主页,但是无论我输入什么用户名或密码,我都可以以刚刚注销的用户身份重新登录.这是我第一次使用会话,因此我想知道应该将session_destroy放在哪里,这样当我注销时它实际上会破坏会话.
I am writing a social networking site, and I am trying to figure out PHP sessions. At the top of the login page, I call session_destroy(), and I call session_start() at the page where new users are officially registered as users and at the user homepage. When a user logs out, they are linked to the home page that has session_destroy, but then I can log back in as whatever user just logged out, no matter what username or password I enter. This is my first time working with sessions, so I'm wondering where I'm supposed to put session_destroy so it actually destroys the session when I logout.
推荐答案
使用 session_destroy
破坏会话数据和 session_unset
分别清除$_SESSION
变量.
此外,在尝试进行身份验证以更改当前会话的ID并销毁仍与旧会话ID关联的会话数据后,调用session_regenerate_id(true)
.
Furthermore, call session_regenerate_id(true)
after an authentication attempt to change the current session’s ID and destroy the session data that is still associated to the old session ID.
这篇关于如何终止PHP会话?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!