本文介绍了PHP会话在“注销"按钮上销毁的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我当前正在一个具有登录名(用户名和密码)的网站上工作-密码保护是由Web服务器中的操作系统在操作系统中称为Realm的文件夹级别上进行的.现在,这必须要做,直到我们找出合适的PHP登录系统.

I'm currently working on a site that has a log-in (username and password) - The password protection is done by the operating system within the web server at folder level called a Realm within the OS. For now this will have to do, until we figure out a proper PHP log in system.

下面的代码基于关于堆栈溢出的先前问题.

我正在使用3个文件(请参阅底部的代码段).

I'm using 3 files (See code snippets at the bottom).

过程是:-单击index.php上的登录"按钮-输入用户名和密码以访问身份验证索引文件.-单击引用logout.php文件的注销按钮-应该清除缓存并将用户返回到顶级索引.

The process is:- Click Log In button on index.php- Enter username and password to access authenticate index file.- Click log out button, which references the logout.php file - it SHOULD clear the cache and return the user to the top level index.

从不要求您在提示输入密码时重新输入密码的意义上来说,这并不会破坏会话",这基本上就是我想要发生的情况.

It doesn't 'destroy the session' in the sense that you're not asked to re-enter the password when prompted to, which is essentially what I want to happen.

我对php的最低了解使我在这里有些困惑.

My minimal knowledge of php leaves me a little bit stumped here.

index.php (带有登录按钮的顶级文件)

index.php (top level file with log in button)

<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Test</title>
</head>
<body>
<a href="authenticate/index.php">Log In Btn</a>
</body>
</html>

authenticate/index.php (此文件夹受密码保护-包含带有注销按钮的索引文件,该文件链接到logout.php文件)

authenticate/index.php (This folder is password protected - contains the index file with the log out button which links to the logout.php file)

<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Log out</title>
</head>
<body>
<a href="logout.php">Log Out Btn</a>
</body>
</html>

authenticate/logout.php

<?php
session_start(); //to ensure you are using same session
session_destroy(); //destroy the session
header("location:/index.php"); //to redirect back to "index.php" after logging out
exit();
?>

推荐答案

受密码保护的文件夹与PHP无关无关

The folder being password protected has nothing to do with PHP!

所使用的方法称为基本身份验证".除了要求用户关闭然后打开浏览器之外,没有跨浏览器的方法可以从中注销".

The method being used is called "Basic Authentication". There are no cross-browser ways to "logout" from it, except to ask the user to close and then open their browser...

这是您可以用PHP代替的方式(在.htaccess或其中的第一个位置中完全删除Apache基本身份验证):

Here's how you you could do it in PHP instead (fully remove your Apache basic auth in .htaccess or wherever it is first):

login.php:

login.php:

<?php
session_start();
//change 'valid_username' and 'valid_password' to your desired "correct" username and password
if (! empty($_POST) && $_POST['user'] === 'valid_username' && $_POST['pass'] === 'valid_password')
{
    $_SESSION['logged_in'] = true;
    header('Location: /index.php');
}
else
{
    ?>

    <form method="POST">
    Username: <input name="user" type="text"><br>
    Password: <input name="pass" type="text"><br><br>
    <input type="submit" value="submit">
    </form>

    <?php
}

index.php

index.php

<?php
session_start();
if (! empty($_SESSION['logged_in']))
{
    ?>

    <p>here is my super-secret content</p>
    <a href='logout.php'>Click here to log out</a>

    <?php
}
else
{
    echo 'You are not logged in. <a href="login.php">Click here</a> to log in.';
}

logout.php:

logout.php:

<?php
session_start();
session_destroy();
echo 'You have been logged out. <a href="/">Go back</a>';

很明显,这是非常的基本实现.您希望用户名和密码位于数据库中,而不是硬编码的比较中.我只是想让您了解如何进行会议.

Obviously this is a very basic implementation. You'd expect the usernames and passwords to be in a database, not as a hardcoded comparison. I'm just trying to give you an idea of how to do the session thing.

希望这可以帮助您了解发生了什么事情.

Hope this helps you understand what's going on.

这篇关于PHP会话在“注销"按钮上销毁的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-27 17:42
查看更多