PHP中如何终止用户会话?
我使用以下代码跟踪了带有 img 标签的在线用户会话。
<img src="http://www.somedomain.com/track/login.php" alt="" title="" width="1" height="1" />
使用上面的代码,我制作了一个管理部分来显示在线用户。
现在,由于某种原因。我必须从管理部分结束在线用户的会话。
谁能帮我做一个这个。
注意:
在用户页面中,用户会话的处理方式为
if(authenticated) {
$_SESSION['username']=name;
$_SESSION['id']=id;
}
I have tracked the online user session with a img tag with the code below.
<img src="http://www.somedomain.com/track/login.php" alt="" title="" width="1" height="1" />
Using the above code, I have made an administration section to display the online users.
Now, due to some reason. I have to end the session of the online user from the administration section.
Could anyone help me one this.
Note:
in users pages, User session is handled with
if(authenticated) {
$_SESSION['username']=name;
$_SESSION['id']=id;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
我认为如果您可以获得用户的 PHP 会话 ID,您可以执行以下操作:
请注意,这也意味着管理员将失去其会话。 此处描述了
session_id()。I think if you can get the PHP session id of the user, you can do a:
Note that this also means the admin will loose its session.
session_id()is described here.如果您想结束用户会话,您可以从逻辑上或技术上做到这一点。
从逻辑上讲,您可以篡改用户会话数据并将删除标志设置为 true。然后,您的应用程序逻辑需要检查是否设置了已删除标志,如果设置了,则结束该用户的会话。
从技术上讲,您可以通过删除会话存储来结束任何会话。这在一定程度上取决于您配置的存储,但基本上这意味着获取会话文件的文件名并将其从磁盘中删除。
我认为第二种变体更容易。只需获取用户会话 ID 并将其映射到文件名即可。请参阅此处获取路径,以及此处获取路径和名称。
对于逻辑变体,您实际上还需要收集会话数据的文件名,打开它,读取它的内容,然后添加标志并再次存储它。
因此,这是我想到的两种实现您想要的目标的方法。如果将会话数据放入数据库,可能会更容易: Storing Sessions in a数据库。
If you want to end a users session you can do that logically or technically.
Logically you can tamper the users session data and set a delete flag to true. Your application logic then needs to check if that deleted flag is set, and if so, end the session for that user.
Technically you can end any session by removing it's session storage. This depends a bit which storage you've configured, but basically this means getting the filename of the session file and deleting it from disk.
I think the second variant is easier. Just get the users session id and map it to the filename. See here for the path, and here for path and name.
For the logical variant you actually need to gather the filename of the session data as well, open it, read it's content, than add the flag and store it again.
So these are the two ways that come to my mind to achieve what you're looking for. Probably it's much more easy if you put the session data into the database: Storing Sessions in a Database.
使用以下功能:
use the functions below:
您可能需要将数据推送给用户。看看 Comet 技术和类似的替代方案
You might need to push data to the user. Take a look at Comet techniques and similar alternatives
我认为对于您正在尝试做的事情没有一个简单的答案。
正如 Tudor 所说,您可以删除存储在特定目录中的会话文件(您可以动态设置的目录,就像他在示例中所做的那样) - 请参阅他的示例。
另一种方法是编写自己的会话处理类(有关示例,请参阅 PHP 手册 - http:// /php.net/manual/en/session.customhandler.php)并将会话数据存储在文件和/或数据库中。换句话说,使用您的自定义会话处理程序,我认为您的任务会更容易。
I don't think there is a simple answer to what you are trying to do.
As Tudor said you can delete the session files stored in a specific directory (a dir. you can dynamically set, as he does in his example) - see his example.
Another way to go is write your own session handling classes (see PHP manual for examples - http://php.net/manual/en/session.customhandler.php) and store session data in files and or the database. In other words using your custom session handlers i think your task would be easier.
我将通过以下方式实现这一点:使用文件来存储会话,将这些文件存储在您具有读/写访问权限的某个特定位置,给它们一个可预测的名称(例如用户名上的 md5) - 当您想要时结束用户的会话,只需删除属于该用户的文件即可。
在您的管理部分,获取用户名作为参数,计算其 md5,然后删除该用户的会话:
此代码可能不适合您,但这是一个很好的遵循方法
I'd implement this in the following way: use files to store sessions, store those files in some specific location where you have read/write access, give them a predictible name (for example an md5 on username) - and when you want to end a session for a user, simply delete the file that belongs to that user.
In your admin part, get the username as parameter, compute the md5 on it, then delete the session of that user:
This code might not work out of the box for you, but it's a good way to follow