时间戳

首页 > 解决方案 > 不能让用户像“Facebook”一样长时间登录

php - 不能让用户像“Facebook”一样长时间登录

问题描述

我做了一个网站,可以让你像 Facebook 一样长时间登录来制作这个系统 我使用了 cookie,我在 1 年后到期,我做了一个检查 cookie 的功能,但有些用户被踢出,我不知道为什么这是检查令牌和 cookie 的代码 我使用令牌并将其保存在我的数据库中

public static function checkToken($conn) {
    //header('Location: login.php');
    
    if (isset($_COOKIE['token']) && isset($_COOKIE['username'])) {
        //$_SESSION['username'] =$_COOKIE['username'];
        //$_SESSION['token'] = $_COOKIE['token'];
    
        $username = $_COOKIE['username'];
        $query = $conn->prepare("select * from session where username =?");
        $query->execute([$username]);
        if ($query->rowCount() > 0) {
            $rows = $query->fetchAll(PDO::FETCH_ASSOC);
            foreach ($rows as $row) {
                $token1 = $row['session'];
                $gent = $row['agent'];
            }
            if ($_COOKIE['token'] != $token1) {
                // session_destroy();
                header("Location: /login");
                // set the expiration date to one hour ago
                setcookie('token', null);
                setcookie('username', null);
                exit;
            }
        } elseif ($query->rowCount() == 0) {
            // session_destroy();
            header("Location: /login");
            // set the expiration date to one hour ago
            setcookie('token', null);
            setcookie('username', null);
            exit;
        }
    } else {
        // session_destroy();
        header("Location: /login");
        // set the expiration date to one hour ago
        setcookie('token', null);
        setcookie('username', null);
        exit;
    }
}

这用于登录

public static function login($conn) {
    $user = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
    $pass = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
    
    $query = $conn->prepare("select * from users where username= ? and password = ?");
    $query->execute([$user, $pass]);
    if ($query->rowCount() > 0) {
        $rows = $query->fetchAll(PDO::FETCH_ASSOC);
        foreach ($rows as $row) {
            $username = $row['username'];
        }
        $token = funcs::getToken(10);
        $_SESSION['token'] = $token;
        setcookie('token', $token, time() + (365 * 24 * 60 * 60));
        setcookie('username', $username, time() + (365 * 24 * 60 * 60));
        //setcookie('year', $_SESSION['year'], time() + ( 365 * 24 * 60 * 60) );
        //setcookie('pre', $_SESSION['pre'], time() + ( 365 * 24 * 60 * 60) );
        $gettoken = $conn->prepare("select * from session where username= ? ");
        $gettoken->execute([$_COOKIE['username']]);
        if ($gettoken->rowCount() == 0) {
            $query1 = $conn->prepare("insert into session (username,session,agent)values(?,?,?)");
            $query1->execute([$user, $_COOKIE['token'], $_SERVER['HTTP_USER_AGENT']]);
        } else {
            header('Location: /index');
            exit;
        }
        header('Location: /index');
        exit;
        ob_end_flush();
    }
    return true;
}

标签: phpcookies

解决方案

推荐阅读