由于保存 cookie 不安全。无论如何要保持会话或设置会话到期,所以即使我关闭浏览器并再次打开它。它不会再次重定向我或再次要求我输入我的用户名或密码。
public function __construct(){
session_start();
$this->check_login();
}
public function check_login(){
if(isset($_SESSION['user_id'])){
$this->user_id = $_SESSION['user_id'];
$this->logged_in = true;
} else {
unset($_SESSION['user_id']);
$this->logged_in = false;
}
}
if (isset($_POST['submit'])){
$username = $database->escape_value($_POST['username']);
$password = $database->escape_value($_POST['password']);
$found_user = $user->authenticate($username,$password);
if ($found_user){
$session->login();
redirect_to('index.php');
} else {
$message = output_message("Invalid Username or Password <br />");
}
}else{
$username = "";
$password = "";
}