Home > Article > Backend Development > The website is maintained by SESSION. I manually deleted all cookies on the client computer. Why is it still logged in when I visit it again?
I have just been exposed to PHP for less than 3 months, noob... The website I tried to write used SESSION to maintain the response. Without closing the browser, I manually deleted all the cookie files on the client. Then refresh the website and find that the account is still logged in... What's going on?
According to some of the websites I usually use, as long as I clear the cookies, I will log out...
The following is my problem code, please give me some advice..
Page A that handles login codes
<code>//登录成功,保持登录状态 function login_true($username){ session_start(); $_SESSION['userinfo']=array('uid'=>476283675,'username'=>$username); } </code>
Page B showing the login interface
<code>/*如果$_SESSION['userinfo']或$_SESSION['userinfo']['uid']为空 *则说明未登录,引导用户登录 */ session_start(); if (empty($_SESSION['userinfo'])or empty($_SESSION['userinfo']['uid'])){ echo "<a href='919.html'>点我登录</a>"; die('请先登录'); } echo '晚上好';</code>
After clearing the cookie file, I still remain logged in. What is the problem?
I have just been exposed to PHP for less than 3 months, noob... The website I tried to write used SESSION to maintain the response. Without closing the browser, I manually deleted all cookie files on the client. Then refresh the website and find that the account is still logged in... What's going on?
According to some of the websites I usually use, as long as I clear the cookies, I will log out...
The following is my problem code, please give me some advice..
Page A that handles login codes
<code>//登录成功,保持登录状态 function login_true($username){ session_start(); $_SESSION['userinfo']=array('uid'=>476283675,'username'=>$username); } </code>
Page B showing the login interface
<code>/*如果$_SESSION['userinfo']或$_SESSION['userinfo']['uid']为空 *则说明未登录,引导用户登录 */ session_start(); if (empty($_SESSION['userinfo'])or empty($_SESSION['userinfo']['uid'])){ echo "<a href='919.html'>点我登录</a>"; die('请先登录'); } echo '晚上好';</code>
After clearing the cookie file, I still remain logged in. What is the problem?
Use the clear button that comes with your browser.
Logically speaking, if the cookie is successfully cleared, the sessionid stored in the cookie will be gone. The sessionid that cannot be obtained by requesting the back-end session mechanism will be used to obtain information corresponding to the session file. I don’t know which part of your system is handling the exception. Cookies not cleared? Is the sessionid included in the request body in other forms?
Session saves the session by passing a session_id value every time it is requested. There are two ways of passing it, one is through the cookies carried with each request, or the other is passed through the URL. If your PHP setting is through cookies, then as long as you delete the original cookies under the corresponding domain name, the server will automatically generate a new session_id, which means that the original session will be lost. As for your problem, I think the deletion method is wrong. Since you are a developer, use the browser's opener tool, which can display all cookies under the current domain name and delete cookies. In addition, chrome is recommended for the browser!