2013-03-14 81 views

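Session variables reset when refreshing the page (user is logged out)

I am using a PHP authentication system to log users in. Logging in works fine, but when the page is refreshed (on any page) the session variables reset and the user is "logged out". I use session_start() on every page. I have the files auth.php and authenticate.php to log in and authenticate users. This is a frustrating problem, and help would be greatly appreciated. Here is the code: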

auth.php:

<?php
function credentials_valid($email, $password) {
    $email = mysql_real_escape_string($email);
    $query = "SELECT `id`, `salt`, `password`
              FROM `#######`
              WHERE `email` = '$email' ";

    $result = mysql_query($query);
    if(mysql_num_rows($result)) {
        $user = mysql_fetch_assoc($result);

        $password_requested = sha1($user['salt'] . $password);
        if($password_requested === $user['password']) {
            return $user['id'];
        }
    }
    return false;
}

//logs into the user $user
function log_in($user_id){
    $_SESSION['user_id'] = $user_id;
}

//Returns the currently logged in user (if any)
function current_user(){
    static $current_user;
    if(!$current_user) {
        if($_SESSION['user_id']){
            $user_id = intval($_SESSION['user_id']);
            $query = "SELECT *
                      FROM `#######`
                      WHERE `id` = $user_id";

            $result = mysql_query($query);
            if(mysql_num_rows($result)){
                $current_user = mysql_fetch_assoc($result);
                return $current_user;
            }
        }
    }
    return $current_user;
}

//Requires a current user
function require_login() {
    if(!current_user()){
        $_SESSION['redirect_to'] = $_SERVER["REQUEST_URI"];
        header("Location: index.php");
        exit("You must log in.");
    }
}

?>

authenticate.php:

<?php 
session_start(); 
require_once "database.php"; 
db_connect(); 
require_once "auth.php"; 


$user_id = credentials_valid($_POST['username'], $_POST['password']); 
if($user_id){ 
    log_in($user_id); 

    if($_SESSION['redirect_to']){ 
     header("Location: " . $_SESSION['redirect_to']); 
     unset($_SESSION['redirect_to']); 

    }else{ 
     header("Location: index.php");   
    } 

}else{ 
     header("Location: login.php?error=1"); 
     exit("You are being redirected");  
} 

?> 

On my pages where a user is logged in, I have this PHP header:

<?php

    session_start();
    require_once "database.php";
    db_connect();
    require_once "auth.php";

    $current_user = current_user();

    if(isset($_GET["logout"]) && $_GET["logout"]==1)
    {
        //User clicked logout button, destroy all session variables.
        session_destroy();
        header('Location: '.$return_url);
    }
?>

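The system is unstable. Sometimes, if I refresh the page right after logging in, the session variables are destroyed immediately. Other times, the user stays logged in after several consecutive refreshes. Please let me know what problems you see. Thanks!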

Answer


Please note the importance of using session_start() on every page of PHP code; from your code it appears that some pages do not contain session_start();

Another thing, your code:

header("Location: " . $_SESSION['redirect_to']); 
    unset($_SESSION['redirect_to']); 

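You must change your code to:

$a = $_SESSION['redirect_to'];
    unset($_SESSION['redirect_to']);
    header("Location: " . $a);
    exit();

Unsetting after the redirect is not recommended; you also have to close the previous process, as it sometimes continues to run in the background. It is not recommended to try anything after the header command.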

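In initial testing, this looks like it works. Thanks! – user1072337 2013-03-14 18:43:03

OK, after a certain amount of time (even with these changes and with session_start() added to auth.php), the session variables reset – user1072337 2013-03-14 18:46:53

Is there any other help? – user1072337 2013-03-14 20:47:59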
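
The order the answer recommends (read the target, unset it, send the header, exit), as an added example that is not part of the original question or answer. It goes beyond the answer by also rejecting redirect targets that are not same-site paths and by issuing a new session id at login; the function names are hypothetical, and the sample sessions are constructed.

```php
<?php
// Added example; function names are hypothetical, not from the original post.

// Accept only a same-site path ("/page.php?x=1"); otherwise use $default.
function local_redirect_target($candidate, $default = 'index.php')
{
    if (!is_string($candidate) || $candidate === '' || $candidate[0] !== '/') {
        return $default;
    }
    // "//host" and "/\host" are read by browsers as another origin;
    // control characters (CR/LF included) do not belong in a header value.
    if (preg_match('~^/[/\\\\]|[\x00-\x1f\x7f]~', $candidate)) {
        return $default;
    }
    return $candidate;
}

// Record the login in the session array and return the redirect target.
function complete_login(array &$session, $user_id)
{
    $candidate = isset($session['redirect_to']) ? $session['redirect_to'] : null;
    unset($session['redirect_to']);        // read first, then unset
    $session['user_id'] = (int) $user_id;
    return local_redirect_target($candidate);
}

// Call from authenticate.php after session_start() and a successful
// credentials_valid(); $user_id is the id that function returned.
function redirect_after_login($user_id)
{
    session_regenerate_id(true);           // fresh session id for the logged-in user
    header('Location: ' . complete_login($_SESSION, $user_id));
    exit;                                  // nothing runs after the redirect
}

if (PHP_SAPI === 'cli') {
    // Constructed sessions, to show the outcome without a web server.
    $samples = array(
        array('redirect_to' => '/account.php?tab=2'),
        array('redirect_to' => '//other.example/login'),
        array(),
    );
    foreach ($samples as $session) {
        $target = complete_login($session, '42');
        echo $target, ' ', json_encode($session), "\n";
    }
}
```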