0
我想在登录时存储cookie以记住我的概念。其工作正常,但当我注销cookie也销毁。我的代码如下所示...Cookie破坏会话破坏,为什么?
登录页面:
<?php
if(isset($_POST['submitLogin']))
{
extract($_POST);
$obj = new validation();
$obj->add_fields($uname, 'req',ER_EMAIL);
$obj->add_fields($passwd, 'req', ER_PSW);
$error = $obj->validate();
$password=md5($passwd);
$qry1=$con->recordselect("SELECT *,concat(first_name,' ',last_name) as user_name FROM user WHERE uname='".addContent($uname)."' AND password='".addContent($password)."'");
$tot_rec=mysql_num_rows($qry1);
$valid_user=mysql_fetch_array($qry1);
if($tot_rec>0)
{
if($valid_user['status']=='a')
{
if($valid_user['password_status'] == 0)
{
$_SESSION["userId"]=$valid_user['id'];
$_SESSION["user_name"]=$valid_user['user_name'];
if($error=='')
{
if (isset($_POST['rememberme'])) {
setcookie('uname',$_POST['uname'],time() + (24 * 60 * 60 * 30));
setcookie('passwd',$_POST['passwd'],time() + (24 * 60 * 60 * 30));
setcookie('rememberme',1,time() + (24 * 60 * 60 *30));
}
else
{
setcookie('uname',$_POST['uname'],time() - (24 * 60 * 60 * 30));
setcookie('passwd',$_POST['passwd'],time() - (24 * 60 * 60 * 30));
setcookie('rememberme',1,time() - (24 * 60 * 60 * 30));
}
}
redirectPage(home.php");
}
}
else
{
$error=ER_DACT;
redirectPage("login.php?Err=ER_DACT");
}
}
else{
$error=ER_INVUP;
redirectPage("login.php?Err=ER_INVUP");
}
}
?>
这里是我的注销页面:
<?php
$_SESSION["userId"]="";
$_SESSION["name"]="";
session_destroy();
redirectPage(login.php);
?>
更新
HTML代码在这里:
<form action="login.php" method="post" name="frmCP1" id="frmCP1">
<div class="space10"></div><!--space10-->
<div class="text18blue">Student Login</div>
<div class="h-line"></div>
<div><strong>Username:</strong> <span class="errortext">*</span></div>
<div>
<input name="uname" id="uname" type="text" value="<?php if(isset($_COOKIE['uname'])&&$_COOKIE['uname']!=''){echo $_COOKIE['uname'];}else {echo '';} ?>" />
</div>
<div class="space10"></div>
<div><strong>Password:</strong> <span class="errortext">*</span></div>
<div><input id="passwd" name="passwd" type="password" value="<?php if(isset($_COOKIE['passwd'])&&$_COOKIE['passwd']!=""){echo $_COOKIE['passwd'];}else {echo "";} ?>" /></div>
<div class="space10"></div>
<div class="checkbox fl"><input <?php if(isset($_COOKIE['rememberme']) && $_COOKIE['rememberme']=="1"){echo "checked='checked'";} ?> id="remember" name="rememberme" type="checkbox" value="1"/></div>
<div>Remember me</div>
<div class="space10"></div>
<div><input id="submitLogin" name="submitLogin" type="submit" value="Login" /></div>
<div class="space10"></div>
<div><a href="javascript:void(0)" id="dialog_link">Forgot password?</a></div>
<div class="flclear"></div>
</form>
所以当我注销我的cookie也破坏为什么? 在此先感谢
只是说,但不是有24 * 60 * 60 * 30 CANT你只是说2592000?它也使用不推荐的mysql_函数。我建议切换到PDO或mysqli。 – lemondrop
@lemondrop是的,我可以使用,但我只是想找到这个问题 –
如何检查登录页面上的自动登录功能的cookie信息?另外,您将一个纯文本密码存储为一个cookie,永远不会这样做。 @lemondrop说'24 * 60 * 60 * 30'正在隔离时间,所以很容易修改而不需要重新计算,而且使其他程序员更容易读取它传输的时间。 – Jon