我在MySQL中有一个用户登录数据,条件是用户在会话中只能登录1次。如果使用注销按钮,代码运行良好,但是如果用户关闭浏览器
// user_table in MySQL
user_id user_username user_password is_login
1 xyzabc xxxxx 0 // 0 is not
2 abcdef xxxxx 1 // 1 is login
3 efghij xxxxx 1
我曾经is_login
阻止来自第二个登录用户的访问。因此,每个帐户只能登录一次,而is_login
我们曾经在设置is_login
为的情况下阻止用户登录会话0
。
// Inside my login function
public function login()
{
... some validation login code ...
// User ID accepted & login = TRUE
$this->session->set_userdata('id', $data->user_id);
// this query is in model, I just copy it to here
$this->db->query('UPDATE user_table SET is_login = "1" WHERE user_id = ".$id."');
$this->session->sess_expiration = 7200;
$this->session->sess_expire_on_close = TRUE;
}
// Logout function in controller
public function logout() {
$id = $this->session->userdata('id');
// this query is in model, I just copy it to here
$this->db->query('UPDATE user_table SET is_login = "0" WHERE user_id = ".$id."');
$this->session->sess_destroy();
}
如果使用logout
功能注销了用户,则代码运行良好。
该is_login
列将0
再次打开。但是如果浏览器强制关闭is_login
状态仍为1
。有什么办法吗?
好的,假设我们有一个如下的用户表:
CREATE TABLE IF NOT EXISTS `system_users` (
`id` smallint(5) unsigned NOT NULL,
`fullname` varchar(90) COLLATE utf8_persian_ci NOT NULL,
`username` varchar(40) COLLATE utf8_persian_ci NOT NULL,
`password` varchar(32) COLLATE utf8_persian_ci DEFAULT NULL,
`dte_login` int(11) unsigned NOT NULL DEFAULT '0',
`dte_activity` int(11) unsigned NOT NULL DEFAULT '0',
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_persian_ci;
dte_login是我们每次在用户登录时都会设置到数据库中的时间戳记值dte_activity是用户最后一次从您的服务器请求某项内容时的时间戳记值,当然,他已经登录
请注意,仅在需要检查用户是否仍处于活动状态时才需要dte_activity。
function login($username, $password) {
$result = false;
// Check from DB that the username and password is valid or not
// IF user is valid, retrieve user_id from DB
If (USER_IS_VALID) {
$_SESSION['user_id'] = $user_id;
$_SESSION['dte_activity'] = time();
$_SESSION['dte_login'] = time();
$result = true;
}
return $result;
}
现在,只要用户要求访问页面,您就可以调用一个示例函数,如下所示:
function checkLogin() {
$result = false;
if (!empty($_SESSION['user_id'])) {
// This means that somebody is already logged in
$user_id = $_SESSION['user_id'];
$dte_login = $_SESION['dte_login'];
// We need to check if the user which is login is the same as the last user that used our website so we compare the dte_login value that we stored in session with what we have in DB
$db_connection->query("SELECT `id` FROM `system_users` WHERE `id`={$user_id} AND `dte_login`={$dte_login};");
// If the above query return no result, it means that someone else logged in meanwhile and we have to log out the current user
if ($db_connection->num_rows>0) {
// Now we need to check if his/her session is still valid or not
$EXPIERY = 300; // in seconds (in this case, 5 minutes)
$now = time();
if ($now-$_SESSION['dte_activity']<$EXPIERY) {
// The user session is still valid and we need to update database
$db_connection->query("UPDATE `system_users` SET `dte_activity`={$now} WHERE id={$user_id};");
$_SESSION['dte_activity'] = $now;
$result = true; // Means that someone is active
} else {
session_destroy();
}
} else {
session_destroy();
}
}
return $result;
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句