回复讨论(解决方案)
你在 B页面中执行 session_destroy(); 前 session 自然是存在的,否则就没必要 session_destroy(); 了
你只在重入B页面(比如刷新)才会发现 session 没有了
因为对用户而言, session_destroy() 只是发送注销 cookie 中的 sessionid 的指令
a.php
<?phpsession_start();$_SESSION['name'] = "kobe";?><a href="se2.php">se2</a>
b.php
<?phpsession_start();$_SESSION = array();session_destroy();var_dump($_SESSION['name']);?>
A页面跳转到B页面销毁session,同时B页面再跳转到登陆页面,这时候session依然在,是这样的情况
先访问a.php -> b.php -> login.php session消失。
a.php
<?phpsession_start();$_SESSION['name'] = 'fdipzone';?><a href="b.php">go b</a>
b.php
<?phpsession_start();session_destroy();?><a href="login.php">go login</a>
login.php
<?phpsession_start();echo 'name='.$_SESSION['name'];?>
我找到原因不是destroy的问题。是当用户登录后,会有一个php页面执行一个死循环,在这个循环里每隔30秒更新一次用户的登陆时间,直到用户离开当前页面。
while(true) { echo "\n"; ob_flush(); flush(); if(connection_aborted()) exit; /*这里是将当前时间写入到数据库*/ sleep(30);} 如果删除了这里的ob_flush();flush();会解决问题,但是这样的话connnection_aborted()会不生效,用户关闭页面后时间仍然会继续更新。但如果加上了那两句,会发生session无法destroy,必须手动f5后才能删除
请问这样怎么解决?
?甚?要???死循?呢?
?甚?要???死循?呢?
定时向数据库更新登陆时间,如果用户一直在线则一直执行,直到用户关闭页面
那这样页面其实一直都没有结束,当然当前的session就不会消失了。
那这样页面其实一直都没有结束,当然当前的session就不会消失了。
connection_aborted()这一句可以检查客户端是否断开,但是它执行需要在页面输出内容,所以添加了ob_flush();flush();
问题是这两句会导致销毁session的那个页面无法正常执行,也就是必须手动刷新才能销毁session
所以,有没有其他办法,在客户端断开时关闭这个循环。或者有没有其他办法,正常执行销毁session的那个页面。
出现这样的问题是ob_flush();flush();的问题吗?要怎么办呢?
我这么做就是为了防止用户长时间不登陆被踢下线的保活,还有其他办法吗?
那这样页面其实一直都没有结束,当然当前的session就不会消失了。
connection_aborted()这一句可以检查客户端是否断开,但是它执行需要在页面输出内容,所以添加了ob_flush();flush();
问题是这两句会导致销毁session的那个页面无法正常执行,也就是必须手动刷新才能销毁session
所以,有没有其他办法,在客户端断开时关闭这个循环。或者有没有其他办法,正常执行销毁session的那个页面。
出现这样的问题是ob_flush();flush();的问题吗?要怎么办呢?
我这么做就是为了防止用户长时间不登陆被踢下线的保活,还有其他办法吗?
你的页面一直未结束,当前页面的session一直未更新到文件。这就是session_destroy()不能立即生效的原因。
在session_destroy(); 后面加 session_write_close(); 就可以解决这个问题了。
那这样页面其实一直都没有结束,当然当前的session就不会消失了。
connection_aborted()这一句可以检查客户端是否断开,但是它执行需要在页面输出内容,所以添加了ob_flush();flush();
问题是这两句会导致销毁session的那个页面无法正常执行,也就是必须手动刷新才能销毁session
所以,有没有其他办法,在客户端断开时关闭这个循环。或者有没有其他办法,正常执行销毁session的那个页面。
出现这样的问题是ob_flush();flush();的问题吗?要怎么办呢?
我这么做就是为了防止用户长时间不登陆被踢下线的保活,还有其他办法吗?
你的页面一直未结束,当前页面的session一直未更新到文件。这就是session_destroy()不能立即生效的原因。
在session_destroy(); 后面加 session_write_close(); 就可以解决这个问题了。
好的,谢谢~ 没问题了
How does PHP identify a user's session?May 01, 2025 am 12:23 AMPHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.
What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AMThe security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.
Where are PHP session files stored by default?May 01, 2025 am 12:15 AMPHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita
How do you retrieve data from a PHP session?May 01, 2025 am 12:11 AMToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si
How can you use sessions to implement a shopping cart?May 01, 2025 am 12:10 AMThe steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.
How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PMThe article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.
What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PMThe article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.
How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PMArticle discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
Atom editor mac version download
The most popular open source editor
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 English version
Recommended: Win version, supports code prompts!
