Clicking link should expire the session
I have a link like <a href="some link">Click</a> .
Now,On clicking this link should made the session to开发者_Python百科 expire..ie.,using session_destroy().
It is strongly advisable to avoid this type of operations in order to avoid CSRF attacks.
For example you will create a link that points to http://site.come/logout
Then, I grab the url and make an image with its source set to the mentioned url.
<img src="http://site.come/logout"/>
Now on any other webpage when a user from you site will be exposed to this image he will be automatically logged out from your system.
I would suggest using POST.
<input type="submit" name="logout" value="Logout"/>
<?php
if(isset($_POST['logout'])) {
session_destroy();
}
?>
<!--in the index.php page-->
<a href="logout.php">Logout</a>
<!--in the logout.php page-->
<?php
session_start(); //to ensure you are using same session
session_destroy(); //destroy the session
header("location:http://localhost/moon/index.php");
//to redirect back to "index.php" after logging out
exit();
?>
Try following code.
Suppose you have page session_expr.php
<?php
if(isset($_GET['expire'])){
session_start();
session_destroy();
}
?>
<a href="session_expr.php?expire">Destroy session</a>
With this you are sending expire
with GET
method to the same page on clicking on the link. Once you have expire
in GET variable
the PHP code will execute with session_destroy()
function.
精彩评论