我使用数据库中的用户名和密码作为会话变量,但是当我注销时,我仍然可以通过浏览器的直接链接访问受保护的页面,这可能是造成这种情况的原因。这是我的 login.php:
//initialize the variables
$username="";
$password="";
$_SESSION['username']="";
$_SESSION['password']="";
if(isset($_POST["submit"]) && @$_GET["username"] !==""){
$username=$_POST["username"];
$password=$_POST["password"];
if(isset($_POST["username"]) && $_POST["username"]!=="" && isset($_POST["password"]) && $_POST["password"]!==""){
//sucuring the data
$username=htmlentities(mysql_real_escape_string(trim($_POST["username"])));
$password=htmlentities(mysql_real_escape_string(trim($_POST["password"])));
//checking if user does exist
$sql="SELECT email, password FROM ".$db_name.".user WHERE email=\"".$username."\" AND password='".md5($password)."' LIMIT 1";
$query=mysql_query($sql,$con);
$result=mysql_fetch_assoc($query);
//check query to c if is successfully optional
if(!$result){
print"No result";
}else{
//if combination found in our database then register session values";
$_SESSION['username']=$_POST['username'];
$_SESSION['password']=md5($_POST['password']);
//check location
$sql="SELECT location FROM ".$db_name.". user WHERE email ='".$_POST['username']."' LIMIT 1";
$query=mysql_query($sql,$con);
$result=mysql_fetch_array($query);
//no need of loop since we want only one field/single record/row
$location=$result['location'];
header("Location:".$location."");
}
}else{
//do nothing
}
}
?>
<form id="loginFrm" method="post" action="?lgn=getin">
<fieldset>
<legend>
Inshuz Login
</legend>
<table>
<tr>
<td>
Username
<div id="specify">Your email</div>
</td>
<td>
<input type="text" name="username" size="40" class="text" value="<?php print $username; ?>">
</td>
</tr>
<tr>
<td>
Password
</td>
<td>
<input type="password" name="password" size="40" class="text" value="<?php print $password; ?>">
</td>
</tr>
<tr>
<td colspan="2">
<input type="submit" name="submit" class="btn" value="Login">
<td>
</tr>
</table>
</fieldset>
</form>
这个 login.php 包含在我的 index.php 中,下面是主页
<?php session_start(); require_once("includes/functions/url.php"); require_once("includes/config/config.php");?>
<html>
<head>
<title>
</title>
<head>
<link rel="stylesheet" media="all" type="text/css" href="css/main.css"/>
<script type="text/javascript" src="js/jquery-1.8.0.js"></script>
<body>
<div id="wrapper">
<div id="header">
<div id="nav">
<a href="#">Home </a> | <a href="#">About us</a> | <a href="#">Products</a> | <a href="#">Services</a> | <a href="#">Carrers</a>
</div>
</div><!--end of header-->
<div id="mainContent">
<div id="RighContent">
<?php require_once("includes/pages/".@$page);?>
</div><!---RightCont--->
<div id="LeftCont">
afafhkashf
</div><!---leftcont--->
</div><!---end of maincontent-->
<div id="footer">
</div><!--end footer-->
</div><!--end of wrapper-->
<body>
</html>
这是我的安全页面:
<?php session_start();
require_once("includes/functions/url.php");
if(!isset($_SESSION['username'])){
header("Location: ../");
exit();
}
?>
<html>
<head>
<title>
</title>
<head>
<link rel="stylesheet" media="all" type="text/css" href="css/main.css"/>
<script type="text/javascript" src="js/jquery-1.8.0.js"></script>
<body>
<div id="wrapper">
<div id="header">
<div id="nav">
<a href="#">Home </a> | <a href="#">About us</a> | <a href="#">Products</a> | <a href="#">Services</a> | <a href="#">Carrers</a>
<?php
//show logout
if(isset($_SESSION['username'], $_SESSION['password'])){
print " | <a href=\"includes/pages/logout.php?log=logout\">Logout</a>";
}
?>
</div>
</div><!--end of header-->
<div id="mainContent">
<div id="RighContent">
<h1>Welcome admin: <?php print @$_SESSION['username']; ?></h1>
</div><!---RightCont--->
<div id="LeftCont">
afafhkashf
</div><!---leftcont--->
</div><!---end of maincontent-->
<div id="footer">
</div><!--end footer-->
</div><!--end of wrapper-->
<body>
</html>
最后这是我的注销页面:
<?php
ini_set('session.use_trans_sid', false);
session_start();
//require_once("includes/functions/url.php");
if(isset($_GET['log']) && $_GET['log']=="logout"){
if(isset($_SESSION['username'] , $_SESSION['password']) && !empty($_SESSION['username']) && !empty($_SESSION['password'] )){
unset($_SESSION['username']);
unset($_SESSION['password']);
header("Location: ../../");
exit();
}
}
?>