防止用戶輸入一次註銷

Question

所以我設計了一個登錄系統。但是，當用戶登錄時，我將他重定向到一個有菜單的新頁面。但是，當用戶註銷並複製主頁URL時。他有能力再次回來。我如何防止這種情況？

的login.php

<html> 
 

 
<head> 
 
    <title>Log in</title> 
 
</head> 
 

 
<body> 
 
    <h1>Welcome please sign in!</h1> 
 

 
    <?php if (!isset($_POST[ 'submit'])){ ?> 
 
    <!-- The HTML login form --> 
 
    <form action="<?=$_SERVER['PHP_SELF']?>" method="post"> 
 
    Username: 
 
    <input type="text" name="username" /> 
 
    <br />Password: 
 
    <input type="password" name="password" /> 
 
    <br /> 
 

 
    <input type="submit" name="submit" value="Login" /> 
 
    </form> 
 
    <?php } else { require_once("db_const.php"); $mysqli=n ew mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME); # check connection if ($mysqli->connect_errno) { echo " 
 
    <p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>"; exit(); } $username = $_POST['username']; $password = $_POST['password']; $sql = "SELECT * from users WHERE username LIKE '{$username}' AND password LIKE '{$password}' LIMIT 1"; 
 
    $result = $mysqli->query($sql); if (!$result->num_rows == 1) { echo " 
 
    <p>Invalid username/password combination</p>"; } else { echo ' 
 
    <script language="javascript"> 
 
    '; 
 
\t \t echo ' 
 
    alert("Log in successfull!") 
 
    '; 
 
\t \t echo ' 
 
    </script>'; header("refresh:5;url=home.php"); } } ?> 
 
</body> 
 

 
</html>

註銷：

<?php 
 
session_start(); 
 
session_destroy(); 
 
header('Location: login.php'); 
 
exit; 
 
?>

和菜單頁：

<a href="login.php">Logout</a>

Answer 1

試試這個代碼，並放置在主頁中最高。

if(!isset($_SESSION['username'])) { 
    header("Location: login.php"); 
    exit; 
}