0

关于如何在 30 分钟后过期 PHP 会话?,我从第 2 个答案Simple way of PHP session expiry in 30 minutes 中复制了一些代码。我想将登录信息和信息合并到一页,另一页是 logout.php 这是我的代码。

主页.php

if(isset($_POST["submitform"])){

    $v1 = "admin";
    $v2 = "admin";
    $v3 = $_POST['username'];
    $v4 = $_POST['password'];

    if($v1 == $v3 && $v2 == $v4){
    session_start();
    $_SESSION['username'] = $v1;
    $_SESSION['start'] = time(); // taking now logged in time
    $_SESSION['expire'] = $_SESSION['start'] + (1* 30) ; // ending a session in 30 seconds

    if(!isset($_SESSION['username'])){
      echo "Please Login again <a href='logout.php'>Click Here to Login</a>";
    }else{
       $now = time(); // checking the time now when home page starts
        if($now > $_SESSION['expire']){
         session_destroy();
          echo "Your session has expire !  <a href='logout.php'>Click Here to Login</a>";
        }else{
        echo "This should be expired in 1 min <a href='logout.php'>Click Here to Login</a>";
        }
    }
    }else{
     echo '
    <form  method="post">
    <input type="text" name="username">
    <input type="password" name="password">
    <button type="submit" name="submitform">Sign in</button>
    </form>';
    echo  '<font color="red">wrong password</font>"';
    }       
 }else{
    echo '
    <form  method="post">
    <input type="text" name="username">
    <input type="password" name="password">
    <button type="submit" name="submitform">Sign in</button>
    </form>';
 }
?>

注销.php

<?php
session_start();
session_destroy();
header('Location: homepage.php');
?>

我将会话过期设置为 30 秒,但是我发现会话没有按预期过期。会话永不过期。我想知道我是否放session_start();对了地方?谢谢

4

3 回答 3

1

您只是在表单发布上检查会话的状态。

如果您刷新页面,它将重新发送帖子,让您登录并延长会话。

你的逻辑需要是:

如果发布,请检查密码并延长会话。

检查会话是否已过期(如果在那里发布,则必须发生这种情况,没有区别。)

根据会话检查的结果显示登录表单或注销消息。

if (isset($_POST["submitform"])) {

    $v1 = "admin";
    $v2 = "admin";
    $v3 = $_POST['username'];
    $v4 = $_POST['password'];

    if ($v1 == $v3 && $v2 == $v4) {
        session_start();
        $_SESSION['username'] = $v1;
        $_SESSION['start'] = time();
        // taking now logged in time
        $_SESSION['expire'] = $_SESSION['start'] + (1 * 30);
        // ending a session in 30 seconds

    } else {
        echo '
    <form  method="post">
    <input type="text" name="username">
    <input type="password" name="password">
    <button type="submit" name="submitform">Sign in</button>
    </form>';
        echo '<font color="red">wrong password</font>"';
     die();
    }

    if (!isset($_SESSION['username'])) {
        echo "Please Login";
        echo '
            <form  method="post">
            <input type="text" name="username">
            <input type="password" name="password">
            <button type="submit" name="submitform">Sign in</button>
            </form>';
    } else {
        $now = time();
        // checking the time now when home page starts
        if ($now > $_SESSION['expire']) {
            session_destroy();
            echo "Your session has expired !  <a href='logout.php'>Click Here to Login</a>";
        } else {
            echo "This should be expired in 1 min <a href='logout.php'>Click Here to Login</a>";
        }
    }
于 2013-04-27T20:03:57.660 回答
0

session_start()必须是第一行代码。

此外,您可以将 cookie 设置为过期。

于 2013-04-27T19:45:33.897 回答
0

同一页面上可以有不同的会话吗?

YES

所以使用

一个用户,一个会话。时期。

http://us3.php.net/manual/en/ref.session.php
于 2013-04-27T20:10:56.867 回答