doumianfeng6979 2019-02-02 13:38

已采纳

如何在具有安全功能的注销页面中添加注销按钮？

When the user goes to my website after the user logins in on this page they're then presented with this page . However, if I type in the full URL webbrowserinfo.96.lt/logindone/logincode/V1/homepage.php it loads regardless if the user logins in or not. From doing my own tests it has something to do with the log out button.

Therefore, I was thinking I need to do something like this below. However, when I add this code to my protected password page i.e homepage.php it doesn't work i.e nothing happens when I click logout.

<form action="index.php" method="post">
           <!-- Logout button -->
           <div class="inner_container">
               <button class="logout_button" type="submit">Log Out<i class="fas fa-sign-in-alt"></i>
               </button>
            </div>
</form>

Here is my full code for the password protected code

<!doctype html>
<html lang="en">
   <head>
      <meta charset="utf-8">
      <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
      <meta name="description" content="">
      <meta name="author" content="">
      <link rel="icon" href="../../../../favicon.ico">
      <!-- Site title, CSS external file and font awesome -->
      <title>Login Page - Created by Liam Docherty</title>
      <link rel="stylesheet" href="css/design.css">
      <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css" integrity="sha384-UHRtZLI+pbxtHCWp1t77Bi1L4ZtiqrqD80Kn4Z8NTSRyMA2Fd33n5dQ8lWUE00s/" crossorigin="anonymous">
      <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css" integrity="sha384-GJzZqFGwb1QTTN6wy59ffF1BuGJpLSa9DkKMp0DgiMDm4iYMj70gZWKYbI706tWS" crossorigin="anonymous">
   </head>
   <body class="bg-white">
      <div class="container">
         <div class="py-5 text-center">
            <img class="d-block mx-auto mb-4" src="https://getbootstrap.com/docs/4.0/assets/brand/bootstrap-solid.svg" alt="" width="72" height="72">
            <h2>Checkout form</h2>
            <p class="lead">Below is an example form built entirely with Bootstrap's form controls. Each required form group has a validation state that can be triggered by attempting to submit the form without completing it.</p>
         </div>
         <div class="row">
            <div class="col-md-4 order-md-2 mb-4">
               <h4 class="d-flex justify-content-between align-items-center mb-3">
                  <span class="text-muted">Your cart</span>
                  <span class="badge badge-secondary badge-pill">3</span>
               </h4>
               <ul class="list-group mb-3">
                  <li class="list-group-item d-flex justify-content-between lh-condensed">
                     <div>
                        <h6 class="my-0">Product name</h6>
                        <small class="text-muted">Brief description</small>
                     </div>
                     <span class="text-muted">$12</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between lh-condensed">
                     <div>
                        <h6 class="my-0">Second product</h6>
                        <small class="text-muted">Brief description</small>
                     </div>
                     <span class="text-muted">$8</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between lh-condensed">
                     <div>
                        <h6 class="my-0">Third item</h6>
                        <small class="text-muted">Brief description</small>
                     </div>
                     <span class="text-muted">$5</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between bg-light">
                     <div class="text-success">
                        <h6 class="my-0">Promo code</h6>
                        <small>EXAMPLECODE</small>
                     </div>
                     <span class="text-success">-$5</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between">
                     <span>Total (USD)</span>
                     <strong>$20</strong>
                  </li>
               </ul>
               <form class="card p-2">
                  <div class="input-group">
                     <input type="text" class="form-control" placeholder="Promo code">
                     <div class="input-group-append">
                        <button type="submit" class="btn btn-secondary">Redeem</button>
                     </div>
                  </div>
               </form>
            </div>
            <div class="col-md-8 order-md-1">
               <h4 class="mb-3">Billing address</h4>
               <form class="needs-validation" novalidate>
                  <div class="row">
                     <div class="col-md-6 mb-3">
                        <label for="firstName">First name</label>
                        <input type="text" class="form-control" id="firstName" placeholder="" value="" required>
                        <div class="invalid-feedback">
                           Valid first name is required.
                        </div>
                     </div>
                     <div class="col-md-6 mb-3">
                        <label for="lastName">Last name</label>
                        <input type="text" class="form-control" id="lastName" placeholder="" value="" required>
                        <div class="invalid-feedback">
                           Valid last name is required.
                        </div>
                     </div>
                  </div>
                  <div class="mb-3">
                     <label for="username">Username</label>
                     <div class="input-group">
                        <div class="input-group-prepend">
                           <span class="input-group-text">@</span>
                        </div>
                        <input type="text" class="form-control" id="username" placeholder="Username" required>
                        <div class="invalid-feedback" style="width: 100%;">
                           Your username is required.
                        </div>
                     </div>
                  </div>
                  <div class="mb-3">
                     <label for="email">Email <span class="text-muted">(Optional)</span></label>
                     <input type="email" class="form-control" id="email" placeholder="you@example.com">
                     <div class="invalid-feedback">
                        Please enter a valid email address for shipping updates.
                     </div>
                  </div>
                  <div class="mb-3">
                     <label for="address">Address</label>
                     <input type="text" class="form-control" id="address" placeholder="34 Hoxton liam street" required>
                     <div class="invalid-feedback">
                        Please enter your shipping address.
                     </div>
                  </div>
                  <div class="row">
                     <div class="col-md-5 mb-3">
               <!-- Logout button -->
                <a class="btn btn-primary" href="index.php" role="button">Signout button</a>
               </div>
               </div>
            </div>
         </div>
      </div>
   </body>
</html>

My website has three scripts here they're if you need to see them

BELOW IS THE LOGIN PAGE CODE

<?php
   //PHP method to use cache memory to store details
   session_start();
   //Makes the "config.php" file available to be executed from this page
   require_once('dbconfig/config.php');
   ?>
<!DOCTYPE html>
<html>
   <head>
      <!-- Site title, CSS external file and font awesome -->
      <title>Login Page - Created by Liam Docherty</title>
      <link rel="stylesheet" href="css/design.css">
      <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css" integrity="sha384-GJzZqFGwb1QTTN6wy59ffF1BuGJpLSa9DkKMp0DgiMDm4iYMj70gZWKYbI706tWS" crossorigin="anonymous">
      <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css" integrity="sha384-UHRtZLI+pbxtHCWp1t77Bi1L4ZtiqrqD80Kn4Z8NTSRyMA2Fd33n5dQ8lWUE00s/" crossorigin="anonymous">
   </head>
   <body>
      <div id="main-wrapper">
         <center>
            <h2>Login Form - Created by Liam Docherty</h2>
         </center>
         <div class="imgcontainer">
            <img src="imgs/icon-person-512.png" alt="Avatar" class="avatar">
         </div>
         <!-- THE FORM -->
         <!-- action="index.php" -- This attribute shows where the PHP script that does the processing is located -->
         <!-- method="post" -- The attribute identifies the action that will be performed with the data of the form. I.E. POST data to the "users" database -->
         <form action="index.php" method="post">
            <div class="inner_container">
               <label><b>Username</b></label>
               <input type="text" placeholder="Enter Username" name="username" required>
               <label><b>Password</b></label>
               <input type="password" placeholder="Enter Password" name="password" required>
               <!-- The Login button -->
               <button class="login_button" name="login" type="submit">Login</button>
               <!-- The button that is linked to the "register.php" page -->
               <a href="register.php"><button type="button" class="register_btn">Register</button></a>
            </div>
         </form>
         <?php
            //Condition, checking the Login button is pressed
            if(isset($_POST['login']))
            {
                //The data from the Form (username & password) is stored into the @$username & @$passwordVariables
                //You use @ before a VARIABLE in PHP when you do not want to initialise the VARIABLE before using it
                @$username=$_POST['username'];
                @$password=$_POST['password'];

                //Statement that will SELECT the data from the "login" table, WHERE the Usename and Password typed match the typed ones
                //Once the database is checked, if login details match than it stores the data in the "$query" VARIABLE
                $query = "SELECT * FROM login WHERE username='$username' and password='$password' ";
                //echo $query;

                //This statement performs both the connection to the database using the values in the "$con" VARIABLE and
                //The SELECT statement stored in the "$query" VARIABLE
                $query_run = mysqli_query($con,$query);
                //echo mysql_num_rows($query_run);

                //IF the "$query_run" is run successfully, then
                if($query_run)
                {
                    //Check if the Username and Password exist in the database, if they exist
                    if(mysqli_num_rows($query_run)>0)
                    {
                    $row = mysqli_fetch_array($query_run,MYSQLI_ASSOC);

                    $_SESSION['username'] = $username;
                    $_SESSION['password'] = $password;

                    //Sent the user to the "homepage.php" page
                    header( "Location: homepage.php");
                    }
                    else
                    {
                        //IF NOT, Display the message below
                        echo '<script type="text/javascript">alert("No such User exists. Invalid Credentials")</script>';
                    }
                }

                //IF the "$query_run" is NOT successful, then
                else
                {
                    //Display this message
                    echo '<script type="text/javascript">alert("Database Error")</script>';
                }
            }
            else
            {
            }
            ?>
      </div>
   </body>
</html>

MY OWN UPDATED ATTEMPT BASED ON HELP

This issue with the code below is that it doesn't let me actually login. This is good though as it stops a user just typing in the full file path of the URL and bypassing the login system.

<?php
//check if session id is set. If it is not set, user will be redirected back to login page

if(!isset($_SESSION['username'])){
     header('Location:index.php');
     die();
}
?>

<!doctype html>
<html lang="en">
   <head>
      <meta charset="utf-8">
      <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
      <meta name="description" content="">
      <meta name="author" content="">
      <link rel="icon" href="../../../../favicon.ico">
      <!-- Site title, CSS external file and font awesome -->
      <title>Login Page - Created by Liam Docherty</title>
      <link rel="stylesheet" href="css/design.css">
      <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css" integrity="sha384-UHRtZLI+pbxtHCWp1t77Bi1L4ZtiqrqD80Kn4Z8NTSRyMA2Fd33n5dQ8lWUE00s/" crossorigin="anonymous">
      <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css" integrity="sha384-GJzZqFGwb1QTTN6wy59ffF1BuGJpLSa9DkKMp0DgiMDm4iYMj70gZWKYbI706tWS" crossorigin="anonymous">
   </head>
   <body class="bg-white">
      <div class="container">
         <div class="py-5 text-center">
            <img class="d-block mx-auto mb-4" src="https://getbootstrap.com/docs/4.0/assets/brand/bootstrap-solid.svg" alt="" width="72" height="72">
            <h2>Checkout form</h2>
            <p class="lead">Below is an example form built entirely with Bootstrap's form controls. Each required form group has a validation state that can be triggered by attempting to submit the form without completing it.</p>
         </div>
         <div class="row">
            <div class="col-md-4 order-md-2 mb-4">
               <h4 class="d-flex justify-content-between align-items-center mb-3">
                  <span class="text-muted">Your cart</span>
                  <span class="badge badge-secondary badge-pill">3</span>
               </h4>
               <ul class="list-group mb-3">
                  <li class="list-group-item d-flex justify-content-between lh-condensed">
                     <div>
                        <h6 class="my-0">Product name</h6>
                        <small class="text-muted">Brief description</small>
                     </div>
                     <span class="text-muted">$12</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between lh-condensed">
                     <div>
                        <h6 class="my-0">Second product</h6>
                        <small class="text-muted">Brief description</small>
                     </div>
                     <span class="text-muted">$8</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between lh-condensed">
                     <div>
                        <h6 class="my-0">Third item</h6>
                        <small class="text-muted">Brief description</small>
                     </div>
                     <span class="text-muted">$5</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between bg-light">
                     <div class="text-success">
                        <h6 class="my-0">Promo code</h6>
                        <small>EXAMPLECODE</small>
                     </div>
                     <span class="text-success">-$5</span>
                  </li>
                  <li class="list-group-item d-flex justify-content-between">
                     <span>Total (USD)</span>
                     <strong>$20</strong>
                  </li>
               </ul>
               <form class="card p-2">
                  <div class="input-group">
                     <input type="text" class="form-control" placeholder="Promo code">
                     <div class="input-group-append">
                        <button type="submit" class="btn btn-secondary">Redeem</button>
                     </div>
                  </div>
               </form>
            </div>
            <div class="col-md-8 order-md-1">
               <h4 class="mb-3">Billing address</h4>
               <form class="needs-validation" novalidate>
                  <div class="row">
                     <div class="col-md-6 mb-3">
                        <label for="firstName">First name</label>
                        <input type="text" class="form-control" id="firstName" placeholder="" value="" required>
                        <div class="invalid-feedback">
                           Valid first name is required.
                        </div>
                     </div>
                     <div class="col-md-6 mb-3">
                        <label for="lastName">Last name</label>
                        <input type="text" class="form-control" id="lastName" placeholder="" value="" required>
                        <div class="invalid-feedback">
                           Valid last name is required.
                        </div>
                     </div>
                  </div>
                  <div class="mb-3">
                     <label for="username">Username</label>
                     <div class="input-group">
                        <div class="input-group-prepend">
                           <span class="input-group-text">@</span>
                        </div>
                        <input type="text" class="form-control" id="username" placeholder="Username" required>
                        <div class="invalid-feedback" style="width: 100%;">
                           Your username is required.
                        </div>
                     </div>
                  </div>
                  <div class="mb-3">
                     <label for="email">Email <span class="text-muted">(Optional)</span></label>
                     <input type="email" class="form-control" id="email" placeholder="you@example.com">
                     <div class="invalid-feedback">
                        Please enter a valid email address for shipping updates.
                     </div>
                  </div>
                  <div class="mb-3">
                     <label for="address">Address</label>
                     <input type="text" class="form-control" id="address" placeholder="34 Hoxton liam street" required>
                     <div class="invalid-feedback">
                        Please enter your shipping address.
                     </div>
                  </div>
                  <div class="row">
                     <div class="col-md-5 mb-3">
               <!-- Logout button -->
                <a class="btn btn-primary" href="index.php" role="button">Signout button</a>
               </div>
               </div>
            </div>
         </div>
      </div>
   </body>
</html>

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

2条回答默认最新

dqk77945 2019-02-03 15:23

关注

The following is a very simple solution for your logout functionality for the purpose of a school/college assignment.

A "live" production website will need a lot of security in the login system (but that is a whole other topic). I can see you know this already so i'll continue with my solution ;)

Firstly the logout form you did was a great idea well done. But I think it didn't work because I've noticed you haven't closed the <form> tag for your "Billing address" form within your homepage.php so you should do that before anything else.

Here's my advice on the full structure. Hope it helps :)

homepage.php

Add php to the top of the homepage above the <!doctype html> to check if the username is set and if not redirect to the index/login page.
Add an HTML form to the homepage with a "sign out" submit button which will redirect to the login/index page when submitted. (Make sure you put this form outside any other forms.)
Add a javaScript function called confirmLogOut to the homepage which will prompt the user to confirm they wish to log out.

So you should add the following code to your homepage.php (fit it in to your code where i've demonstarted-hopefully it's clear)

<?php
  //start the session
  session_start();
  //If the user is not logged in, send them to the index/login page
  if(!isset($_SESSION['username'])){
    header('Location: index.php'); 
    exit();
  }
?>

<!doctype html>
<html lang="en">
<head>
<script>
//javaScript function for prompting user to confirm they want to log out.
//This will be executed when the signout button is pressed.
function confirmLogOut(){
  var confirmation = confirm("Are you sure you want to log out?");
  if(confirmation){
    //the user has confirmed they would like to log out so we submit the form
    //ie return true
    return true;
  }else{
    //the user has canceled their log out request so we don't submit the form
    return false;
  }
}
</script>
</head>
<body>
  <!--Log out/sign out button form-->
  <!--When the following form is submitted we called the confirmLogOut javaScript function in order to prompt the 
user to confirm they wish to log out before redirecting to the index/login page-->
  <form id="form-log-out" method="post" action="index.php" onsubmit="return confirmLogOut()">
      <input name="log_out" type="hidden" value="1"/>
      <input type="submit" class="btn btn-primary" value="Signout button" />
  </form>
</body>
</html>

index.php

This is the full php code which should be at the top of your login/index page

<?php
  //PHP method to use cache memory to store details
  session_start();
  //Makes the "config.php" file available to be executed from this page
  require_once('dbconfig/config.php');
  if(isset($_POST["log_out"]) && ($_POST["log_out"] == '1')) {
    //the log_out post variable is set and is equal to 1. 
    //This means we have come from another page after pressing the log out button.          
    //unset all session values
    $_SESSION = array();

    //Destroy the session 
    session_destroy();
  }
?>

本回答被题主选为最佳回答 , 对您是否有帮助呢?

查看更多回答(1条)

报告相同问题？

关注问题

如何在具有安全功能的注销页面中添加注销按钮？ html php
2019-02-02 13:38

回答 2 已采纳 The following is a very simple solution for your logout functionality for the purpose of a school/
如何在我的PHP中实现注销按钮？ html php
2017-06-18 07:16

回答 3 已采纳 Create a logout.php and destroy the session there <?php session_start(); session_destroy(); ec
如何在刷新页面时调用注销页面？ javascript php
2016-07-26 07:05

回答 4 已采纳 Please try following code. <script type="text/javascript"> window.onload = function() {
Java web项目中防止用户注销后“后退”按钮返回注销前页面
2021-11-12 14:23

夕夕夕汐的博客实现方式：在Action中清除了缓存 jsp: <c:if test="${!empty sessionScope.user}"> <li><a href="#">欢迎：${sessionScope.user.username}</a></li> <li><a href="${...
在需要验证访问的django中，ajax如何防止用户注销后被访问？ django html5 jquery
2023-02-20 08:04

回答 4 已采纳其实，并不需要，每个view都加，你可以配置全局的登录验证，这个功能可以通过Middleware中间件来实现。具体怎么写这个中间件，你直接搜索Django全局登陆验证login_required等类似
请教一下redis注销功能怎么实现的 intellij-idea java
2022-11-02 09:54

回答 1 已采纳登陆生成token以后一般有两种操作：1.把token存到redis里去，登陆的时候，拿着传的token去redis找，找到了就说明登陆了，没找到就说明过期了，这个时候把redis里的token删掉就
链接html中的注销按钮以注销php php
2017-12-23 14:26

回答 4 已采纳 this will work you can call the php file using the bellow code as far as my knowledge you can cal
确认登录及注销功能的代码(前端＋后端)
2018-05-01 22:25

张思阳_Sia的博客在使用网站某些功能时，比如将商品加入购物车、在论坛上下载文件等，需要用户先登录才可操作，这时需要确认用户是否登录，如果未登录跳转到登录页面。实现思路后端：从session中取uid，如果有uid存储在...
sugarCRM：注销后如何重定向到外部页面？ ajax php
2017-08-01 11:26

回答 1 已采纳 There are multiple ways of doing this. Read following details: show alert of any other type of m
CSDN网站怎么注销账号？客服帮助客服问答常见问题FAQ
2023-02-06 12:34

回答 2 已采纳有问题可在此评论留言或者在问答客服专区版块提问
注销 - 必须按两次按钮才能工作？ html php
2017-04-21 11:49

回答 2 已采纳 You need to check logout functionality before you html page renders, so add you logout key in $_PO
【java小程序实战】小程序注销功能实现
2018-12-07 15:20

taojin12的博客小程序实战中，如何实现程序的注销功能呢？后端代码只要删除用户的redi缓存即可。小程序端在成功返回消息后，进行登陆页面的跳转。文章目录小程序的mine.wxml代码mine.wxss代码注销事件的代码mine....
如何在Symfony中注销被禁止的用户？ php symfony
2015-06-29 19:42

回答 4 已采纳 You can set the following in your security.yml: security: always_authenticate_before_granting
前端（十七）——Web应用的安全性研究
2023-09-06 14:31

小猫娃来啦的博客开发人员应该将前端安全性纳入开发流程中，并采取适当的措施来保护应用程序和用户数据的安全用户数据保护：前端安全性确保用户输入和敏感数据得到充分保护，防止被未经授权的访问或窃取。通过有效的输入验证、数据...
抖音怎么注销账号?操作流程步骤有哪些?
2022-07-22 03:56

沉睡者IT的博客抖音越来越火的原因是什么?...一、进入个人中心页面1、首先在手机中打开抖音并进入到抖音的主页。2、然后点击页面右下角位置的“我”，此时便可以来到个人中心页面了。二、打开抖音设置页面1、点击个
没有解决我的问题, 去提问

悬赏问题

¥15 Stata 面板数据模型选择
¥20 idea运行测试代码报错问题
¥15 网络监控：网络故障告警通知
¥15 django项目运行报编码错误
¥15 请问这个是什么意思？
¥15 STM32驱动继电器
¥15 Windows server update services
¥15 关于#c语言#的问题：我现在在做一个墨水屏设计，2.9英寸的小屏怎么换4.2英寸大屏
¥15 模糊pid与pid仿真结果几乎一样
¥15 java的GUI的运用

码龄粉丝数原力等级 --

如何在具有安全功能的注销页面中添加注销按钮？

2条回答默认最新

码龄粉丝数原力等级 --

homepage.php

index.php

悬赏问题

如何在具有安全功能的注销页面中添加注销按钮？

2条回答 默认 最新

homepage.php

index.php

悬赏问题

2条回答默认最新