Login sessions data and can we delete session from db in code igniter

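I made a login application using CodeIgniter 3.0.1 and I ran into several problems. First, when I leave the 'remember me' checkbox unchecked, nothing works properly: when I close the browser and open it again using the direct link "localhost/ci_login_app/index.php/account", it still keeps the user logged in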

$config['sess_expire_on_close'] = TRUE;

has no effect on it :/

I have configured config.php like this

$config['sess_driver'] = 'database';
#$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 60*60*24*7;

$config['sess_expire_on_close'] = TRUE;

$config['sess_match_useragent'] = FALSE;

$config['sess_time_to_update'] = 300;

$config['sess_save_path'] = 'ci_sessions';

#$config['sess_use_database'] = TRUE;

$config['sess_match_ip'] = FALSE;
$config['sess_regenerate_destroy'] = TRUE;

This is my authentication file user_authentication.php

<?php

Class User_Authentication extends CI_Controller 
{

public function __construct() 
{
    parent::__construct();
}

// Show login page
public function index() 
{
    $this->load->view('layouts/header');
    $this->load->view('login_form');
    $this->load->view('layouts/footer');
}

public function user_login_process() 
{   

    $session_set_value = $this->session->all_userdata();

    // Check for remember_me data in retrieved session data
    if (isset($session_set_value['remember_me']) && $session_set_value['remember_me'] == "1") 
    {
        redirect('account');
    }       // Check for validation

    else{

        $this->form_validation->set_rules('username', 'Username', 'trim|required|xss_clean');
        $this->form_validation->set_rules('password', 'Password', 'trim|required|xss_clean');

        if ($this->form_validation->run() == FALSE) 
        {
            $this->load->view('layouts/header');
            $this->load->view('login_form');
            $this->load->view('layouts/footer');
        } 

        else 
        {
                $result = $this->model_login->login_user();

                switch ($result) 
                {
                    case 'authenticated':
                    redirect('account');

                        break;
                    case 'incorrect_password':
                        echo "Error logging in, password not correct...!";
                        $this->load->view('layouts/header');
                        $this->load->view('login_form');
                        $this->load->view('layouts/footer'); 

                        break;

                    case 'not_activated':
                        echo "Please activate your account before logging in...!";
                        $this->load->view('layouts/header');
                        $this->load->view('login_form');
                        $this->load->view('layouts/footer'); 

                        break;

                    case 'incorrect_username':
                        echo "Error logging in, password/username not correct...!";
                        $this->load->view('layouts/header');
                        $this->load->view('login_form');
                        $this->load->view('layouts/footer'); 

                        break;

                    default:
                        echo "Enter correct value, press backspace";
                        break;
                }
            }
        }

}

// Logout from admin page
public function logout() 
{

// Destroy session data
    $this->session->sess_destroy();
    $data['message_display'] = 'Successfully Logout';
    redirect('account');        
}
}
?>

This is my login.php controller

<?php
class Login extends CI_Controller
{
public function __construct()
{
    parent::__construct();
}

public function index()
{
    $this->load->view('layouts/header');
    $this->load->view('login_form');        
    $this->load->view('layouts/footer');
}

public function login_user()
{
    $this->form_validation->set_rules('username', 'User Name', 'trim|required');
    $this->form_validation->set_rules('password', 'Password ','trim|required');

    if($this->form_validation->run() === FALSE)
    {
        echo "Validations doesn't run correctly!<br>";
        $this->load->view('layouts/header');
        $this->load->view('login_form');
        $this->load->view('layouts/footer');       
    }
    else
    {
        $result = $this->model_login->login_user();

        switch ($result) {
            case 'logged_in':
                redirect('home');
                // $this->load->view('admin_page');


                break;
            case 'incorrect_password':
                echo "Error logging in, password not correct...!";
                $this->load->view('layouts/header');
                $this->load->view('login_form');
                $this->load->view('layouts/footer'); 

                break;

            case 'not_activated':
                echo "Please activate your account before logging in...!";
                $this->load->view('layouts/header');
                $this->load->view('login_form');
                $this->load->view('layouts/footer'); 

                break;

            case 'incorrect_username':
                echo "Error logging in, password/username not correct...!";
                $this->load->view('layouts/header');
                $this->load->view('login_form');
                $this->load->view('layouts/footer'); 

                break;

            default:
                # code...
                break;
        }
    }
}


public function reset_password()
{
    if (isset($_POST['email'])) 
    {
        # code...
        $this->form_validation->set_rules('email','Email Address','trim|required|valid_email');

        if ($this->form_validation->run() === FALSE) {
            # code...
            $this->load->view('layouts/header');
            $this->load->view('login/view_reset_password', array('error' => 'Please provide a valid email address'));
            $this->load->view('layouts/footer');
        }
        else
        {
            $email = trim($this->input->post('email'));
            $result = $this->model_login->email_exists($email);

            if ($result) 
            {
                $this->send_reset_password_email($email, $result);
                $this->load->view('layouts/header');
                $this->load->view('login/view_reset_password_sent', array('email' => $email));
                $this->load->view('layouts/footer');

            }
            else
            {

                $this->load->view('layouts/header');
                $this->load->view('login/view_login_reset_password_sent', array('error' => 'Email not registered here'));
                $this->load->view('layouts/footer');
            }
        }
    }
    else
    {

        $this->load->view('layouts/header');
        $this->load->view('login/view_reset_password');
        $this->load->view('layouts/footer');
    }

}

public function reset_password_form($email, $email_code)
{
    if (isset($email) && isset($email_code)) 
    {
        #$email = trim($email);
        $email_hash = sha1($email.$email_code);
        $verified = $this->model_login->verify_reset_password_code($email, $email_code);

        if ($verified) 
        {
            $this->load->view('layouts/header');
            $this->load->view('login/view_update_password', 
                array(
                'email_hash'=>$email_hash,
                'email_code'=>$email_code,
                'email' => $email
                ));
            $this->load->view('layouts/footer');
        }
        else
        {
            echo "Can't get verified";
        }
    }
}

public function send_reset_password_email($email, $name)
{
    $this->load->library('email');
    $email_code = md5($this->config->item('salt').$name);

    $this->email->set_mailtype('html');
    $this->email->from($this->config->item('bot_email'),'reset password email');
    $this->email->to($email);
    $this->email->subject('Please reset your password');

    $message = "<!DOCTYPE html><html>
    <head>
        <title>Reset Password</title>
    </head>
    <body>";
    $message .= "<p> Dear '{$name}'</p>";
    $message .='<p> we want to help you reset your password! please <strong> <a href="'.base_url().'index.php/login/reset_password_form/'.$email.'/'.$email_code.'">Click here </a> </strong> to reset your password</p>';
    $message .="<p>Thank you</p>";
    $message .="</body></html>";

    $this->email->message($message);
    $this->email->send();
}

public function update_password()
{
    $email = $this->input->post('email');
    $email_hash = $this->input->post('email_hash');
    $email_code = sha1($this->input->post('email').$this->input->post('email_code'));

    // Strict, constant-time comparison; a loose != lets PHP type juggling match differing hashes
    if (!isset($email,$email_hash) || !hash_equals($email_code, (string) $email_hash)) 
    {
        # code...
        die("Error updating password, unauthorize access");
    }

    $this->form_validation->set_rules('email_hash', 'Email Hash', 'trim|required');
    $this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email');
    $this->form_validation->set_rules('new-password', 'password', 'trim|required|matches[new-password-again]');
    $this->form_validation->set_rules('new-password-again', 'password', 'trim|required');

    if ($this->form_validation->run() === FALSE) 
    {
        $this->load->view('layouts/header');
        $this->load->view('login/view_update_password');
        $this->load->view('layouts/footer');
    }
    else
    {
        $result = $this->model_login->update_password();

        if ($result) 
        {
            $this->load->view('layouts/header');
            $this->load->view('login/view_update_password_success');
            $this->load->view('layouts/footer');
        }

        else
        {
            $this->load->view('layouts/header');
            $this->load->view('login/view_update_password',array(
                'error' => 'problem updating your password please contact site admin xyz@abc.com' ));
            $this->load->view('layouts/footer');
        }
    }
}
}
?>

This is my model class model_login.php

<?php
class Model_login extends CI_Model
{

public function __construct()
{
    # code...
    parent::__construct();
}

public function login_user()
{
    $username = $this->input->post('username');
    #$password = $this->input->post('password');

    $remember = $this->input->post('remember_me');

    $userpass = sha1($this->config->item('salt').$this->input->post('password'));

    // Bind the username instead of interpolating it into the SQL string
    $sql = "SELECT * FROM users WHERE username = ? LIMIT 1";
    $result = $this->db->query($sql, array($username));
    $row = $result->row();

    if($result->num_rows() == 1)
    {
        if($row->activated)
        {

            if ($row->password == $userpass) 
            {

                if ($remember) 
                {
                    $this->session->set_userdata('remember_me', TRUE);
                    $this->config->set_item('sess_expire_on_close', FALSE);
                }

                $sess_data = array(
                'username' => $username,
                'password' => $userpass
                );
                $this->session->set_userdata('logged_in', $sess_data);

                return 'authenticated';
            }
            else
            {
                return 'incorrect_password';
            }
        }
        else
        {
            return 'not_activated';
        }
    }
    else
    {
        return 'incorrect_username';
    }
}

public function email_exists($email)
{
    // Bind the e-mail address instead of interpolating it into the SQL string
    $sql = "SELECT name , email FROM users WHERE email = ? LIMIT 1";
    $result = $this->db->query($sql, array($email));
    $row = $result->row();

    return ($result->num_rows() === 1 && $row->email) ? $row->name : false;
}

public function verify_reset_password_code($email, $code)
{
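    // Bind the e-mail address instead of interpolating it into the SQL string
    $sql = "SELECT name, email FROM users WHERE email = ? LIMIT 1";
    $result = $this->db->query($sql, array($email));
    $row = $result->row();

    if ($result->num_rows() === 1) 
    {
        // Constant-time, type-strict comparison of the reset code
        return hash_equals(md5($this->config->item('salt').$row->name), (string) $code);
    }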
    else
        return false;
}


public function update_password()
{
    $email = $this->input->post('email');
    $password = sha1($this->config->item('salt').$this->input->post('new-password'));

    // Bind both values instead of interpolating them into the SQL string
    $sql = "UPDATE users SET password = ? WHERE email = ? LIMIT 1";

    // query() returns TRUE for a successful write query and FALSE on failure
    return (bool) $this->db->query($sql, array($password, $email));
}

private function set_session($session_data)
{
    $sess_data = array(
        'id' => $session_data['id'],
        'name' => $session_data['name'],
        'username' => $session_data['username'],
        'email' => $session_data['email'],
        'logged_in' => 1 );

    $this->session->set_userdata($sess_data);
}

}
?>

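I only set the session when the user logs in. The second problem is that when we are visiting/revisiting pages, a lot of records are generated in the database from time to time. How do we deal with the records in the database? Can we delete the record when the user logs out? It only unsets the data when calling

$this->session->sess_destroy();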

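I have been searching for this for more than two days, and I would appreciate it if anyone could help me. For a while these settings/code worked on the live site, but I don't know what happened and everything got messed up. Let me know if any other files are needed. Thanks in advance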

Garbage collector

As stated in the (old) CodeIgniter docs, CI has its own garbage collector. This is still true for CI 3.x:

The Session class has built-in garbage collection which clears out expired sessions so you do not need to write your own routine to do it.

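As stated in the CI forum, the garbage collector uses the session.gc_probability and session.gc_divisor values provided by your php.ini to invoke the cleanup process. (By default, there is a 1% chance of cleaning up old sessions when a session request is made.)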


Configuration values

Anyway, I recommend that you set sess_regenerate_destroy to FALSE (according to the newer CI docs):

Whether to destroy session data associated with the old session ID when auto-regenerating the session ID. When set to FALSE, the data will be later deleted by the garbage collector.


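Destroying the session on tab close

$config['sess_expire_on_close'] is no longer available in CI 3.x.

Use JavaScript to detect the browser or tab closing (which is a bit unreliable, though); take a look at this answer. The easiest way to make the session last until the browser is closed is to set the session_expiration value to 0.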

The number of seconds you would like the session to last. If you would like a non-expiring session (until browser is closed) set the value to zero: 0

Source
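
One way to purge expired rows on a schedule instead of waiting for the probabilistic garbage collector described above, as an added example that is not part of the original answer or of CodeIgniter itself. The controller name Session_cleanup and the fallback to session.gc_maxlifetime when sess_expiration is 0 are assumptions of this example; the timestamp column follows the CI 3.x user guide schema for the database session driver.

```php
<?php
// application/controllers/Session_cleanup.php (hypothetical controller, added example)
defined('BASEPATH') OR exit('No direct script access allowed');

class Session_cleanup extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();

        // Only allow invocation from the command line (cron), never over HTTP.
        if ( ! is_cli())
        {
            show_404();
        }

        $this->load->database();
    }

    // Run with: php index.php session_cleanup purge
    public function purge()
    {
        $table    = config_item('sess_save_path');          // 'ci_sessions' in the question
        $lifetime = (int) config_item('sess_expiration');   // 60*60*24*7 in the question

        // Assumption: with sess_expiration = 0 (cookie lives until the browser
        // closes) use PHP's session.gc_maxlifetime as the server-side age limit.
        if ($lifetime <= 0)
        {
            $lifetime = (int) ini_get('session.gc_maxlifetime');
        }

        // Delete rows whose last-write timestamp is older than the lifetime,
        // which is the same age test a session garbage collector applies.
        $this->db->where('timestamp <', time() - $lifetime)->delete($table);

        echo 'Removed '.$this->db->affected_rows()." expired session row(s)\n";
    }
}
```

Scheduling this from cron keeps the ci_sessions table bounded even on low-traffic sites where the 1% garbage-collection chance rarely fires.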