PHP $_SESSION not working as expected
문제
I have a PHP website I'm maintaining and I've confirmed that this worked at one point.
We have a website utilizing a login system which stores a logged in user's information in a $_SESSION['user']
variable. The site used to log out the user when clicking /logout.php which essentially removed that portion of the session, then header()
redirected to the homepage.
As of recently, the /logout.php file with session_start()
at the top somehow doesn't see the session information when print_r()
is used to output it for debugging purposes.
If I go to another page, I see the session info just fine, but not on the logout page...which is exactly why I cannot remove the session info, because it's not accessible.
I thought $_SESSION
was global on the site until the browser was closed. I've never had this happen and I know the session instance was started on this page, so it's weird that it's not showing me the session data.
Any ideas? I'm totally stumped on this one!
Code: /logout.php
<?
#session_start() is inside this file
require_once($_SERVER['DOCUMENT_ROOT'].'/includes/config.php');
unset($_SESSION['user']);
header("location: /");
exit();
?>
The checking of $_SESSION['user']
is site-wide and I call to various items below it when needed for different things. Someone else built this site and I'm trying to debug why it's not working for them all of a sudden.
해결책
Are you accessing logout.php from the same exact domain that you set the session to begin with (i.e. example.com vs. www.example.com/logout.php)
As for just unsetting specific session data, it would be best to call session_destroy()
and then unset your cookies to kill the session.
다른 팁
개인적으로 SQL 쿼리에서 공격하는 것이 좋습니다.그래서 예를 들어
SELECT
CASE WHEN DATEDIFF(day, GETDATE(), DateColumn) = 0 THEN SomeColumn ELSE 0 END cToday
CASE WHEN DATEDIFF(day, GETDATE(), DateColumn) = 1 THEN SomeColumn ELSE 0 END cYesterday
CASE WHEN DATEDIFF(day, GETDATE(), DateColumn) > 0 AND
DATEDIFF(day, GETDATE(), DateColumn) < 8 THEN SomeColumn ELSE 0 END cWeek
CASE WHEN DATEDIFF(day, GETDATE(), DateColumn) > 0 THEN SomeColumn ELSE 0 END cMonth
FROM
SomeTable
WHERE
DateColumn > DATEADD(day, -28, GETDATE())
.
그렇지 않으면 SSRS 에 비슷한 접근 방식을 사용할 수 있습니다.
Always remember the first line of your PHP code should be session_start();
and nothing else. If all your going to do is unset the session variables and destroy the session, Try removing the require_once($_SERVER['DOCUMENT_ROOT'].'/includes/config.php');
and add the session_start() and the session_destroy() at the end of the logout.php file and see if it works.