修改is_signin 函数 主动查询一次用户状态,禁用后清session 和cookie 就好
~~~
function is_signin()
{
$user = session('user_auth');
if (empty($user)) {
// 判断是否记住登录
if (cookie('?uid') && cookie('?signin_token')) {
$UserModel = new User();
$user = $UserModel::get(cookie('uid'));
if ($user) {
if($user['status'] == 0){
goto force_exit;
}
$signin_token = data_auth_sign($user['username'].$user['id'].$user['last_login_time']);
if (cookie('signin_token') == $signin_token) {
// 自动登录
$UserModel->autoLogin($user);
return $user['id'];
}
}
};
return 0;
}else{
if(session('user_auth_sign') == data_auth_sign($user)){
$user = User::get($user['uid']);
if($user['status'] == 0){
force_exit:
cookie('uid', null);
cookie('signin_token', null);
session('user_auth', null);
session('user_auth_sign', null);
return 0;
}else{
return $user['id'];
}
}else{
return 0;
}
}
}
~~~
