在会话中注销PHP的问题

Question

我正在尝试为页面创建一个登录和注销脚本，但由于某种原因，它不适合我。它似乎工作正常，直到我尝试注销。它似乎破坏会话变量，但它仍然让我查看页面。 继承人我登录代码：

代码： 的login.php

<?php 
// Use session variable on this page. This function must put on the top of page. 

session_start(); 
////// Logout Section. Delete all session variable. 
session_destroy(); 
$Name=$_POST['Name']; 
$Pass=$_POST['Pass']; 

// To protect MySQL injection (more detail about MySQL injection) 

$Name = stripslashes($Name); 
$Pass = stripslashes($Pass); 
$Name = mysql_real_escape_string($Name); 
$Pass = mysql_real_escape_string($Pass); 

$sql="SELECT * FROM reg1 WHERE uname='$Name' and pass='$Pass'"; 
$result=mysql_query($sql); 
if(mysql_num_rows($result)!='0') // If match. 
{ 
session_register("uname"); // Craete session username. 
header("location:loged.php"); // Re-direct to loged.php 
exit; 
}else{ // If not match. 
echo '<script type="text/javascript"> 
     window.alert("Wrong UserName And Password"); 
     window.location="index.php" 
     </script>'; 
} 

// End Login authorize check. 



?> 

logout.php

---

<?php 

// Inialize session 
session_start(); 

// Delete certain session 
unset($_SESSION['uname']); 
// Delete all session variables 
session_destroy(); 

// Jump to login page 
header("Location: index.php?msg=Successfully Logged out"); 
} 


?> 

感谢每一个...

Answer 1

要设置会话，但是你不检查它是否设置在任何地方。意味着你没有检查用户登录或不..你需要做这样的

if (!isset($_SESSION['uname'])) /*If uname not set then it is a guest*/ 
{ 
    //page contents for guest user 
} 
else 
{ 
    //page for authenticated user. 
} 

Answer 2

在你的页面，你想登录的用户进行访问的唯一，你检查$ _SESSION值['uname']？

Answer 3

我觉得只有session_destroy（）;功能足以让你注销。你不需要解除'uname'。对于那些在用户登录后出现的页面，您必须在每页顶部应用一些会话检查功能......

Answer 4

session_register()从PHP 5.3.0开始已弃用。替换：

session_register("uname"); // Craete session username. 

有：

$row = mysql_fetch_assoc($result); 
$_SESSION['uname'] = $row['uname']; 

注销与（更换session_destroy()）：

////// Logout Section. 
unset($_SESSION['uname']); 

最终的结果将是这样的：

<?php 
// Use session variable on this page. This function must put on the top of page. 
session_start(); 

// Logout Section 
if (isset($_SESSION['uname'])) 
    unset($_SESSION['uname']); 

// Login Section 
$Name=$_POST['Name']; 
$Pass=$_POST['Pass']; 

// To protect MySQL injection (more detail about MySQL injection) 
$Name = stripslashes($Name); 
$Pass = stripslashes($Pass); 
$Name = mysql_real_escape_string($Name); 
$Pass = mysql_real_escape_string($Pass); 

$sql="SELECT * FROM reg1 WHERE uname='$Name' and pass='$Pass'"; 
$result=mysql_query($sql); 
if(mysql_num_rows($result)!='0') // If match. { 
    $row = mysql_fetch_assoc($result); 
    $_SESSION['uname'] = $row['uname']; 
    header("Location: loged.php"); // Re-direct to loged.php 
    exit; 
} else { // If not match. 
    echo '<script type="text/javascript"> 
     window.alert("Wrong UserName And Password"); 
     window.location="index.php" 
     </script>'; 
} 
?> 

注销脚本（语法错误或固定的，因为不必要session_destroy();）：

<?php 
// Inialize session 
session_start(); 

// Delete certain session 
if (isset($_SESSION['uname'])) { 
    unset($_SESSION['uname']); 
} 

// Jump to login page 
header("Location: index.php?msg=Successfully Logged out"); 
?> 

如何检查是否登录：

session_start(); 
if (isset($_SESSION['uname'])) 
{ 
    // logged in 
} 
else 
{ 
    // not logged in 
} 

Answer 5

如果UNAME是你使用，如果用户登录，你应该尝试把第一验证值：

session_destroy（）;然后取消设置（$ _ SESSION [ 'UNAME']）

我希望这对你的作品....