1. 技术文章
  2. Logout PHP Script

Logout PHP Script

随声附和 提交于 2020-12-03 07:40:48

问题


This is my script:

<?php
  // If the user is logged in, delete the session vars to log them out
  session_start();
  if (isset($_SESSION['user_id'])) {
    // Delete the session vars by clearing the $_SESSION array
    $_SESSION = array();

    // Delete the session cookie by setting its expiration to an hour ago (3600)
    if (isset($_COOKIE[session_name()])) {      setcookie(session_name(), '', time() - 3600);    }

    // Destroy the session
    session_destroy();
  }

  // Delete the user ID and username cookies by setting their expirations to an hour ago (3600)
  setcookie('user_id', '', time() - 3600);
  setcookie('username', '', time() - 3600);

  // Redirect to the home page
  $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
  header('Location: ' . $home_url);
?>

I cannot log out once logged in on the site. Do I really need cookie'd logins or can I take that out?


回答1:


Try a simpler approach, destroy all session cookies 

session_start();
session_destroy();
$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
header('Location: ' . $home_url);



回答2:


"In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that." see: http://us1.php.net/session_destroy and: http://us1.php.net/manual/en/function.session-id.php "Caution Do NOT unset the whole $_SESSION with unset($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal." see: http://us2.php.net/manual/en/function.session-unset.php




回答3:


I recommend to using this method,

<?php
//User session in ['user']
if($_SESSION['user_id']){
  session_start();
  session_unset();
  session_destroy();
  session_write_close();
  setcookie(session_name(),'',0,'/');
  session_regenerate_id(true);
}
?>

i recommend you using that method , why? because that method using true destroy,delete cookie in browser and new set ID of session of session in PHP



来源:https://stackoverflow.com/questions/21320524/logout-php-script

标签
php
logout
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!