1. 首页
  2. 问答
  3. 会话在单个域的不同页面上具有不同的会话ID,非安全页面!

会话在单个域的不同页面上具有不同的会话ID,非安全页面!

2011-03-24 108 views
0

我正在拉我的头发在这一个。我曾尝试制作一个简单的脚本来存储会话,因此当用户关闭浏览器时,他们可以稍后再回来,而他们的购物篮仍将保持完好。这一切似乎都很顺利,直到我注意到有些物品的篮子里装的东西与以前一样。经过一些检查后,我注意到这些奇怪页面上的会话ID是不同的!这是我的代码,位于我的框架的顶部。会话在单个域的不同页面上具有不同的会话ID,非安全页面!

<?php 

session_start(); 
function sessions(){ 
    if(! isset($_COOKIE['PHPSESSID'])) { 
     setcookie("PHPSESSID", session_id(), strtotime('+ 30 days')); 
    }else{ 
     $con = Database::getInstance(); 
     if(session_id() != $_COOKIE['PHPSESSID']) { 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['PHPSESSID'] . "'"); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       $_SESSION['basket'] = unserialize(stripslashes($ar['basket'])); 
       $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' "); 
      } 
      unset($_COOKIE['PHPSESSID']); 
      setcookie("PHPSESSID", session_id(), strtotime('+ 30 days')); 
      header('Location: ' . get_base_url()); 
     }else{ 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['PHPSESSID'] . "'"); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       if(! empty($_SESSION['basket'])) { 
        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . $_COOKIE['PHPSESSID'] . "', data = '" . addslashes(serialize($_SESSION['basket'])) . "' WHERE id = '$id'"); 
       }else{ 
        $con->query("DELETE FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE id = '$id'"); 
       } 
      }else{ 
       if(! empty($_SESSION['basket'])) { 
        $con->query("INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` (`session_id`, `stamp`, `data`) VALUES ('" . $_COOKIE['PHPSESSID'] . "', NOW(), '" . addslashes(serialize($_SESSION['basket'])) . "')"); 
       } 
      } 
     } 
    } 
    echo 'cookie: ' . $_COOKIE['PHPSESSID'] . ' : session(): ' . session_id(); 
} 

?>

对这件事的任何帮助都非常感谢。

**编辑**

我试图使它更简单,但还是同样的问题

<?php 

function sessions(){ 
    $con = Database::getInstance(); 
    if(session_id() == '') { 
     if(isset($_COOKIE['session_id'])) { 
      session_start(); 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['session_id'] . "'"); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       if(session_id() != $_COOKIE['session_id']) { 
        $_COOKIE['session_id'] = session_id(); 
        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' "); 
        $_SESSION['basket'] = unserialize(stripslashes($ar['data'])); 
       }else{ 
        if(isset($_SESSION['basket'])) { 
         $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET data = '" . addslashes(serialize($_SESSION['basket'])) . "' WHERE id = '$id' "); 
        } 
       } 
      }else{ 
       $con->query("INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` (`session_id`, `stamp`, `data`) VALUES ('" . $_COOKIE['session_id'] . "', NOW(), '')");  
      } 
     }else{ 
      session_start(); 
      setcookie("session_id", session_id(), strtotime('+ 30 days')); 
      $_COOKIE['session_id'] = session_id(); 
     } 
    }else{ 
     die('session has previously been created'); 
    } 
    echo 'cookie: ' . $_COOKIE['session_id'] . ' : session(): ' . session_id(); 
} 

?>

来源

2011-03-24 Phil Jackson

+0

检查在那里它们被存储在奇数页和正常网页会话cookie路径 – 2011-03-24 05:13:01

+0

URI:HTTP://本地主机/ ECOM /服装/男装/ red_hat_thing饼干:d488a3qd58vpu2ic3putd7co06:会话():d488a3qd58vpu2ic3putd7co06路径:C:/wamp/tmp – 2011-03-24 05:17:55

+0

uri:http:// localhost/eCom/clothes/small_men/hat/long_scarf_3 cookie:1gq1q90sg4skjkorf1gg0urah1:session():1gq1q90sg4skjkorf1gg0urah1路径:c:/ wamp/tmp – 2011-03-24 05:18:35

回答

0 
<?php 

function sessions(){ 
    $con = Database::getInstance(); 
    if(session_id() == '') { 
     session_start(); 
     if(isset($_COOKIE['session_id'])) { 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['session_id'] . "'"); 
      display_error($con); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       if(session_id() != $_COOKIE['session_id']) { 
        setcookie("session_id", '', strtotime('- 30 days'), '/', 'localhost'); 
        setcookie("session_id", session_id(), strtotime('+ 30 days'), '/', 'localhost'); 
        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' "); 
        display_error($con); 
        $_SESSION['basket'] = unserialize(stripslashes($ar['data'])); 
       }else{ 
        if(isset($_SESSION['basket'])) { 
         $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET data = '" . addslashes(serialize($_SESSION['basket'])) . "' WHERE id = '$id' "); 
         display_error($con); 
        } 
       } 
      }else{ 
       $con->query("INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` (`session_id`, `stamp`, `data`) VALUES ('" . $_COOKIE['session_id'] . "', NOW(), '')");  
       display_error($con); 
      } 
     }else{ 
      setcookie("session_id", session_id(), strtotime('+ 30 days'), '/', 'localhost'); 
      $_COOKIE['session_id'] = session_id(); 
     } 
    }else{ 
     die('session has previously been created'); 
    } 
    echo 'cookie: ' . $_COOKIE['session_id'] . ' : session(): ' . session_id(); 
} 

function display_error($con) { 
    if(isset($con->error) && $con->error != '') { 
     die($con->error); 
    } 
} 

?>

上述作品! $ _COOKIES ['foo'] ='bar' * 不会 *仅在脚本期间重新对浏览器中的cookie进行重新评估。

另一个问题是需要设置cookie的路径停止正在创建multipul饼干。工作和运行顺利!

来源

2011-03-24 08:00:57

相关问题

 相关问题