dongpao2871 2016-03-27 10:40
浏览 44
已采纳

防止用户访问只能通过登录获取的数据的最佳方法是什么?

I am using a publicly made login to test and modify, however no matter what I do when a user logs out, they are able to log right back in by using the back button in their browser, refresh the page, and still be logged in. What is the best way to prevent this? I am new to PHP and am in the process of learning. Any help would be greatly appreciated.

You can find all of the files necessary here: https://github.com/devplanete/php-login-advanced.

You can also test it here: http://www.php-login.net/demo3.html

  • 写回答

1条回答 默认 最新

  • douyi6168 2016-03-27 11:10
    关注

    I think that there are only 2 possibilities that are wrong. First you do not delete the cookies and the sessions properly which makes the user is not logged out.

    Secondly, you don't check on the page they try to access if the user is logged or not.

    Update: As said above in the comments, you need to separate your login form treatment from the index page if you want not the user to be able to re log again from the logout page by pressing back key. Your template is currently index.php => index.php login treatment then displaying You need to do index.php => login.php login treatment => redirect back to index.php

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 微信会员卡等级和折扣规则
  • ¥15 微信公众平台自制会员卡可以通过收款码收款码收款进行自动积分吗
  • ¥15 随身WiFi网络灯亮但是没有网络,如何解决?
  • ¥15 gdf格式的脑电数据如何处理matlab
  • ¥20 重新写的代码替换了之后运行hbuliderx就这样了
  • ¥100 监控抖音用户作品更新可以微信公众号提醒
  • ¥15 UE5 如何可以不渲染HDRIBackdrop背景
  • ¥70 2048小游戏毕设项目
  • ¥20 mysql架构,按照姓名分表
  • ¥15 MATLAB实现区间[a,b]上的Gauss-Legendre积分