会话未在codeigniter中销毁 [英] Session is not being destroy in codeigniter

问题描述

我正在尝试取消当前登录用户的会话。如果我进行常规登录可以正常工作，但是当我使用cookie记住我的设置时，它不会被破坏。

I am trying to unset my current logged in user's session.It's working fine if i am doing normal login but when i use remember me settings using cookies it's not being destroy.

我用于设置会话和Cookie的代码是

My code for set the session and cookie is

public function login() {
    if(isset($this->session->userdata['username']) || isset($_COOKIE['user_id'])){
         $this->load->model('User');

            $p_uid = $this->User->user_login($_COOKIE['user_id'], $_COOKIE['password']);

     redirect(base_url() . "dashboard");
    }else{



    $this->form_validation->set_rules('user_id', 'User ID', 'required');
    $this->form_validation->set_rules('password', 'Password', 'required');
    if ($this->form_validation->run() == FALSE) {
        $this->load->view('login/login');

    } else {

        $user_id = $this->input->post('user_id');
        $password = $this->input->post('password');
        $this->load->model('User');

            $p_uid = $this->User->user_login($user_id, $password);
            //var_dump($p_uid);
            if ($p_uid) {
                if(isset($_POST['remember_me'])){
                    setcookie("user_id",$user_id,time()+86400*30);
                    setcookie("password",$password,time()+86400*30);

                }


               redirect(base_url() . "dashboard/");
            } else {
                $data=array(
                "error"=>"Wrong Userid Or Password"
                );
                $this->load->view('login/login',$data);
            }

    }
    }


}

我的注销函数是：

public function logout(){

    $this->load->helper('cookie');
    delete_cookie("user_id");
    delete_cookie("password");

    $this->session->unset_userdata("username");
    $this->session->sess_destroy();

    redirect(base_url());
}

我在哪里做错。请帮忙。谢谢

Where i am doing mistake. please help. Thanks

推荐答案

我前段时间也遇到过同样的问题。我正在尝试所有可能的方法。但是我失败了。最终我找到了 ob_start 和 ob_clean 的解决方案。注销应如下所示：

I've faced the same issue a while ago. I was trying all methods which were possible. But I failed. Finally I found the solution with ob_start and ob_clean . Logout should be like this:

class controllerName extends CI_Controller
{
    function __construct()
    {
        parent::__construct();
        ob_start();
        $this->load->library('Session');
        $this->load->helper('cookie');
    }

    public function logout()
    {
        $this->load->driver('cache');   
        $user_id = array(
            'name'   => 'user_id',
            'value'  => '',
            'expire' => '0',
            'domain' => '.localhost',
            'prefix' => ''
        );

        delete_cookie($user_id);               
        $this->session->sess_destroy();
        $this->cache->clean();

        ob_clean();
        redirect(base_url());            
    }

}

---

为防止加载浏览器后退按钮上一页，您应该执行以下操作

$sess = $this->session->userdata('username');
if(empty($sess))
{
    $this->session->set_flashdata('error', 'Session has Expired. Please login');
    redirect('loginController/method'); 
}
else
{
    # success. 
    # continue the normal code here 
}

FYI：：此函数应添加到每个函数中，或者由构造函数使用。

FYI: This should be added in every function or being used by a constructor to do it.

注意：不要在cookie中添加密码。 阅读-php cookie注入漏洞？

NOTE : Don't add password in cookie. Read - php cookie injection vulnerability?

这篇关于会话未在codeigniter中销毁的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！