Kam*_*amo 2 php session login logout
当用户单击注销按钮时,我会连接到一个只执行此操作的脚本
session_destroy();
session_start();
I thought this would be enough to reset all $_SESSION variables such as $_SESSION['logged'] and $_SESSION['username'] but when I load the page again, it automatically logs me in as if the session is still active.
正如文档所述:
它不会取消设置与会话关联的任何全局变量,也不会取消设置会话cookie.要再次使用会话变量,必须调用session_start().
为了完全终止会话,比如要将用户注销,还必须取消设置会话ID.如果使用cookie来传播会话ID(默认行为),则必须删除会话cookie.setcookie()可能会用于此.
它还给出了如何执行此操作的示例:
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>
只需清除阵列即可将用户注销; 他们仍然有相同的会话ID,但$_SESSION会是空的,所以$_SESSION['logged']并$_SESSION['username']不会存在