php Codeigniter - 检查用户是否已登录并存在(它是真实用户)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17543509/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Codeigniter - check if user is logged and exists (it's a real user)
提问by itsme
I'm trying to set session data for users when they log in to my website.
当用户登录我的网站时,我试图为他们设置会话数据。
So if the user exists in db, I set a session data like : $this->session->set_userdata('user_exists','1');
因此,如果用户存在于 db 中,我将设置一个会话数据,如: $this->session->set_userdata('user_exists','1');
Now every time i want to check if user exists and is logged i do:
现在每次我想检查用户是否存在并被登录时,我都会这样做:
if($this->session->userdata('user_exists')){
//do somenthing for logged user
}
Now I'm wondering if this means that user is logged and exists in the database since he logged and I set him a session param, is this true? Or I'll get security problems?
现在我想知道这是否意味着用户已登录并存在于数据库中,因为他登录并且我为他设置了一个会话参数,这是真的吗?或者我会遇到安全问题?
NB: I'm using session database
注意:我正在使用会话数据库
回答by Sundar
//session encryption is mandatory
//会话加密是强制性的
$sess_id = $this->session->userdata('user_id');
if(!empty($sess_id))
{
redirect(site_url().'/reports');
}else{
$this->session->set_userdata(array('msg'=>''));
//load the login page
$this->load->view('login/index');
}
