dongrandi8411 2016-08-08 17:15
浏览 10
已采纳

如何正确取消设置$ _SESSION变量?

Part of the login script that sets the $_SESSION:

session_start();
$_SESSION['username'] = '$myuser';
header("location: loggedinonly.php");

The logout page:

<!DOCTYPE html>

<?php
    session_start;
    unset($_SESSION['username']);
    header('location: /phptest');
?>

The page you should only see when logged in:

<!DOCTYPE html>

<?php
    session_start();
    if (!isset($_SESSION['username'])) {
        print("NO ACCESS");
    } else {
        print("WELCOME");
    }
?>
<html>
    <head>
        <title>LOGIN PAGE</title>
        <link rel="stylesheet" type="text/css" href="stylesheet.css">
    </head>
    <body>
        You must be logged in to read this!<br>
    </body>
</html>

When I open a new session, I do not have access. But if I log in, then go to the page, I do have access. All of this is intended. However, when I logout via the script, I still have access.

I've tried a lot, sorry if this has been asked before, I found nothing useful via the search.

  • 写回答

2条回答 默认 最新

  • dougaicha5258 2016-08-08 17:20
    关注

    You are using unset on a single session variable so you still might have something keeping the user logged in. Try with session_destroy() and it will remove all data associated with the session.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料