2013-04-01 68 views
0

我有一個註銷腳本的問題。我試圖摧毀會話或殺掉cookie,但它不會消失。下一個腳本的PHP註銷

if (!isset($_SESSION['user_id'])) { 
    if (isset($_POST['submit'])) { 
     // Connect to the database 
     $dbc = mysqli_connect(DBHOST, DBUSER, DBPASS, DBNAME); 

     if ($dbc == null) { 
      $error_msg = '<br/>EROARE: conexiunea la baza de date a esuat<br/>'; 
     } 
     $error_msg = 'succes<br/>'; 

     // Grab the user-entered log-in data 
     $user_username = mysqli_real_escape_string($dbc, trim($_POST['username'])); 
     $user_username = PREG_REPLACE("/[^[email protected]_]/i", '', $user_username); 
     $user_password = mysqli_real_escape_string($dbc, trim($_POST['password'])); 
     $user_password = PREG_REPLACE("/[^0-9a-zA-Z]/i", '', $user_password); 

     if (!empty($user_username) && !empty($user_password)) 
     { 
      $query = "SELECT * FROM Admin WHERE username = '$user_username' AND password = SHA('$user_password')"; 
      $data = mysqli_query($dbc, $query); 
      if (mysqli_num_rows($data) == 1) { 
       // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page 
       $row = mysqli_fetch_array($data); 
       $_SESSION['admin_id'] = $row['id_client']; 
       $_SESSION['admin'] = $row['username']; 
       setcookie('id_admin', $row['id_admin'], time() + (60 * 60 * 24 * 2)); // expires in 30 days 

       $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/admin/index.php?admin='.$row['id_admin'].'&cat=index'; 
       header('Location: ' . $home_url); 

       //==================LOGGING THE INFORMATION 
       $fp = @fopen ($jurnal, "a"); 
       if ($fp == NULL) { 
        echo 'EROARE - nu a fost posibila deschiderea fisierului jurnal!'; 
        exit(); 
       } 
       //exclusive lock 
       lock ($fp); 
       //Writing information into the index_upload file 
       $submitdate = date('l jS \of F Y h:i:s A'); 
       $utilizator = $_SESSION['username']; 
       $adresa = $_SERVER['REMOTE_ADDR']; 
       fwrite ($fp, "========================================\r\n"); 
       fwrite ($fp, "LOGIN OK\r\n"); 
       fwrite ($fp, "Utilizator: $utilizator\r\n"); 
       fwrite ($fp, "Conexiune de la adresa IP: $adresa\r\n"); 
       fwrite ($fp, "Data: $submitdate\r\n"); 
       fwrite ($fp, "\r\n"); 
       // Unlock the file, this is the same as flock($fp, LOCK_UN); 
       unlock ($fp); 
       @fclose ($fp); 
       ///////////////////////////////////////////////////////////////////////////// 


      } 
      else { 

      } 
     } 
     else { 
      // The username/password are incorrect so set an error message 
      $error_msg = 'EROARE: pentru autentificare aveti nevoie de un nume de utilizator si o parola valide!'; 
     } 
    } 
    else { 
     // The username/password weren't entered so set an error message 
     $error_msg = 'EROARE: pentru a va putea autentifica in sistem, va rugam introduceti un nume de utilizator si o parola!'; 
    } 
} 

我tryed這一點:

<? 
session_start(); 
session_unset(); 
session_destroy(); 

header("location:home.php"); 
exit(); 
?> 

這:

<?php 
    setcookie('id_admin', '', time()-60*60*24*2); 
?> 
+0

在哪裏你打電話註銷?服務器error.log上的任何警告? –

+0

唯一的原因將是你在這裏使用的短打開標籤:'<?'你可以將它改爲'<?php'或者測試發佈的代碼在我的回答中 – 2013-04-01 17:33:39

回答

0

根據PHP手冊session_destroy()下面的代碼應該銷燬$ _SESSION:

<?php 
// Initialize the session. 
// If you are using session_name("something"), don't forget it now! 
session_start(); 

// Unset all of the session variables. 
$_SESSION = array(); 

// If it's desired to kill the session, also delete the session cookie. 
// Note: This will destroy the session, and not just the session data! 
if (ini_get("session.use_cookies")) { 
    $params = session_get_cookie_params(); 
    setcookie(session_name(), '', time() - 42000, 
     $params["path"], $params["domain"], 
     $params["secure"], $params["httponly"] 
    ); 
} 

// Finally, destroy the session. 
session_destroy(); 
?> 
+0

我測試過這個,仍然設置cookie仍然是 –

+0

你可以過期cookie正如你所做的那樣,這段代碼僅用於會話 – 2013-04-01 17:53:30

+0

我做過,cookie仍然存在:| –