简单注销脚本 [英] Simple Logout Script

问题描述

我使用下面的代码登录用户。当新会话创建时，他们被重定向到一个新的页面 - content.php 。我想知道什么是最好的方式/正确的方式来销毁会话和注销用户，重定向他们回到 index.php 。

I'm using the code below to log users in. When the new session is created they are redirected to a new page - content.php. I wonder what's the best way/the proper way to destroy the session and log out the users, redirectiong them back to the index.php.

<?php 
if (isset($_REQUEST['signin'])){

$username = $_POST['username'];
$password = $_POST['password'];

$query = "SELECT * FROM `user` WHERE username='$username' and password='$password'";
$result = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($result);

if ($count == 1){
$_SESSION['username'] = $username;
header('Location: content.php');
}
else{
echo "Invalid Login Credentials.";
}
}
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
header('Location: content.php');
}
?>


<form method="post" name="login">
        <?php 
        if (isset($msg) & !empty($msg)) {
                    echo $msg;
                    }
        ?>
        <label for="username">Username:</label><br>
        <input type="text" name="username"><br>
        <label for="password">Password:</label><br>
        <input type="password" name="password"><br>
        <button type="submit" name="signin">Sign in</button>
</form>

我知道这个脚本有缺陷（例如没有加密的密码），但现在我' m寻找一个简单的脚本注销。

I know that there are flaws in this script (e.g. not encrypted password), but for now I'm looking for a simple script to log out.

推荐答案

注销用户的最好和最简单的方法是销毁整个会话或取消设置必要的会话密钥。

The best and most simple way to logout a user is to destroy the whole session or unset the necessary session keys.

session_destroy();
// or...
unset($_SESSION['username'];

header('Location: index.php');

我更喜欢unset，因为你可能想在会话数组中存储更多的数据。

I prefer the unset because you might want to store more data in the session array.

这篇关于简单注销脚本的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！