php - 注销按钮不会终止我当前的 session

Question

所以我最近开始开发登录和注册页面。在完成所有必要的连接等操作后，我意识到我的注销按钮不起作用。

不确定该按钮不起作用的确切原因，因为单击它时没有收到任何错误消息。

我尝试使用不同的 session 句柄，认为它可能有效。

 <?php
    session_start();
    unset($_SESSION['id']);
    session_destroy(); // Destroying All Sessions
    header("Location: ../index.php"); // Redirecting To Home Page
    ?>
  this is my logout.inc.php

这并没有改变任何东西，所以我认为这与我构建表单操作的方式有关。

 <?php
  if (!isset($_SESSION['id'])) {
    echo '<form action="includes/logout.inc.php" method="post">
      <button type="submit" name="logout-submit">Logout</button>
    </form> ';
  }
  else if (isset($_SESSION['id'])) {
    echo '<form action="includes/login.inc.php" method="post">
      <input type="text" name="mailuid" placeholder="E-mail/Username">
      <input type="password" name="pwd" placeholder="Password">
      <button type="submit" name="login-submit">Login</button>
    </form>
    <a href="signup.php" class="header-signup">Signup</a>';
  }
   ?>

我猜想，问题与我的登录脚本有关

<?php

if (isset($_POST['login-submit'])) {
  require 'dbh.inc.php';
  $mailuid = $_POST['mailuid'];
  $password = $_POST['pwd'];

  if (empty($mailuid) || empty($password)) {
    header("Location: ../index.php?error=emptyfields");
    exit();
  }
  else {
    $sql = "SELECT * FROM users where uidUsers=? OR emailUsers=?;";
    $stmt = mysqli_stmt_init($conn);
    if (!mysqli_stmt_prepare($stmt, $sql)){
      header("Location: ../index.php?error=sqlerror");
      exit();
    }
    else {
      mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
      mysqli_stmt_execute($stmt);
      $result = mysqli_stmt_get_result($stmt);
      if ($row = mysqli_fetch_assoc($result)) {
        $pwdCheck = password_verify($password, $row['pwdUsers']);
        if ($pwdCheck == false) {
          header("Location: ../index.php?error=wrongpassword");
          exit();
        }
        else if ($pwdCheck == true) {
          session_start();
          $_SESSION['userId'] = $row['idUsers'];
          $_SESSION['userUid'] = $row['uidUsers'];
          header("Location: ../index.php?login=success");
          exit();
        }
        else {
          header("Location: ../index.php?error=wrongpassword");
          exit();
        }
      }
      else {
        header("Location: ../index.php?error=nouser");
        exit();
      }
    }
  }
}
else {
  header("Location: ../index.php");
  exit();
}

?>

但即便如此，我也不知道从哪里开始，所以我希望有人可以帮助找到我错过的东西或需要更改的东西。

我的预期输出是，单击注销按钮后，将完全终止当前 session 并启动一个新 session ，这反过来会将我转到登录/注册页面。

    <?php

  require "header.php";
?>

    <main>
      <div class="wrapper-main">
        <section class="section-default">
          <!--
          We can choose whether or not to show ANY content on our pages depending on if we are logged in or not.
          -->
          <?php
          if (!isset($_SESSION['userId'])) {
            echo '<p class="login-status">You have Successfully logged In!</p>';
          }
          else if (isset($_SESSION['userId'])) {
            echo '<p class="login-status">You are logged Out!</p>';
          }
          ?>
        </section>
      </div>
    </main>

<?php
  // And just like we include the header from a separate file, we do the same with the footer.
  require "footer.php";
?>
this is the index.php file

Answer 1

在 logout.inc.php 中尝试以下操作

session_start();
session_destroy();

foreach($_SESSION as $k => $v) {
   unset($_SESSION[$k]);
   session_unset($k);
}

header('Location: '../index.php');