会话未在codeigniter中销毁 [英] Session is not being destroy in codeigniter
问题描述
我正在尝试取消当前登录用户的会话。如果我进行常规登录可以正常工作,但是当我使用cookie记住我的设置时,它不会被破坏。
I am trying to unset my current logged in user's session.It's working fine if i am doing normal login but when i use remember me settings using cookies it's not being destroy.
我用于设置会话和Cookie的代码是
My code for set the session and cookie is
public function login() {
if(isset($this->session->userdata['username']) || isset($_COOKIE['user_id'])){
$this->load->model('User');
$p_uid = $this->User->user_login($_COOKIE['user_id'], $_COOKIE['password']);
redirect(base_url() . "dashboard");
}else{
$this->form_validation->set_rules('user_id', 'User ID', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if ($this->form_validation->run() == FALSE) {
$this->load->view('login/login');
} else {
$user_id = $this->input->post('user_id');
$password = $this->input->post('password');
$this->load->model('User');
$p_uid = $this->User->user_login($user_id, $password);
//var_dump($p_uid);
if ($p_uid) {
if(isset($_POST['remember_me'])){
setcookie("user_id",$user_id,time()+86400*30);
setcookie("password",$password,time()+86400*30);
}
redirect(base_url() . "dashboard/");
} else {
$data=array(
"error"=>"Wrong Userid Or Password"
);
$this->load->view('login/login',$data);
}
}
}
}
我的注销函数是:
public function logout(){
$this->load->helper('cookie');
delete_cookie("user_id");
delete_cookie("password");
$this->session->unset_userdata("username");
$this->session->sess_destroy();
redirect(base_url());
}
我在哪里做错。请帮忙。谢谢
Where i am doing mistake. please help. Thanks
推荐答案
我前段时间也遇到过同样的问题。我正在尝试所有可能的方法。但是我失败了。最终我找到了 ob_start
和 ob_clean
的解决方案。注销应如下所示:
I've faced the same issue a while ago. I was trying all methods which were possible. But I failed. Finally I found the solution with ob_start
and ob_clean
. Logout should be like this:
class controllerName extends CI_Controller
{
function __construct()
{
parent::__construct();
ob_start();
$this->load->library('Session');
$this->load->helper('cookie');
}
public function logout()
{
$this->load->driver('cache');
$user_id = array(
'name' => 'user_id',
'value' => '',
'expire' => '0',
'domain' => '.localhost',
'prefix' => ''
);
delete_cookie($user_id);
$this->session->sess_destroy();
$this->cache->clean();
ob_clean();
redirect(base_url());
}
}
为防止加载浏览器后退按钮上一页,您应该执行以下操作
$sess = $this->session->userdata('username');
if(empty($sess))
{
$this->session->set_flashdata('error', 'Session has Expired. Please login');
redirect('loginController/method');
}
else
{
# success.
# continue the normal code here
}
FYI::此函数应添加到每个函数中,或者由
构造函数
使用。
FYI: This should be added in every function or being used by a
constructor
to do it.
注意:不要在cookie中添加密码。 阅读-php cookie注入漏洞?
NOTE : Don't add password in cookie. Read - php cookie injection vulnerability?
这篇关于会话未在codeigniter中销毁的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!