1. 首页
  2. 问答
  3. PHP在重定向后丢失会话数据

PHP在重定向后丢失会话数据

2016-03-08 137 views
0

我遇到了一个问题,它似乎有很多人正在尝试提供的所有解决方案,但似乎没有任何工作。PHP在重定向后丢失会话数据

我有我的会话开始在每个页面重定向header(location: exact url)重定向后调用exit();(我试过会话保存和其他几个)。全局是不是一个问题(PHP 7)和文件是在一个子域(开发此刻)确切链接:

localhost:1080/basefolder/admin/file.php

并启动会议是在文件夹

localhost:1080/basefolder/admin/php/file.php

文件的login.php - 本地主机:1080/basefolder /管理/ login.php中

<?php 
include 'php/adminloginfunctions.php'; 

if ($_SERVER["REQUEST_METHOD"] == "POST") { 
    if ($_POST['type'] == 'login'){ 
     $username = $_POST['loginusername']; 
     $password = $_POST['loginpassword'];  
    if (login($username, $password)) { 
     header('Location: http://' . $_SERVER['SERVER_NAME'].':1080' . dirname($_SERVER['REQUEST_URI']) . '/home.php'); 
     exit(); 
    } 

} else { 
    logout(); 
} 

} 

?>

会话功能在本地主机:1080/basefolder /管理/php/adminloginfunctions.php:

<?php 
    include 'adminmySQLCon.php'; 
    sec_session_start(); 

    function sec_session_start() { 
    $session_name = 'sec_session_id'; 
    $secure = true; 
    $httponly = true; 
    if (ini_set('session.use_only_cookies', 1) === FALSE) { 
     header("Location: ../error.php?err=Could not initiate a safe session   (ini_set)"); 
     exit(); 
    } 
     $cookieParams = session_get_cookie_params(); 
     session_set_cookie_params($cookieParams["lifetime"], 
     $cookieParams["path"], 
     $cookieParams["domain"], 
     $secure, 
     $httponly); 
     session_name($session_name); 
     session_start(); 
     session_regenerate_id(true); 
} 


function login($email, $password) { 
    global $conn; 
    if ($stmt = $conn->prepare("SELECT Occupant.idOccupant,   Occupant.Occ_Email, Occupant.Occ_Password, roles.RoleLevel 
     FROM Occupant INNER JOIN userrolemapping ON Occupant.idOccupant = userrolemapping.URMUserId 
      INNER JOIN roles on roles.idRoles = userrolemapping.URMRoleID 
     WHERE Occ_Email = ? 
     LIMIT 1")) { 
     $stmt->bind_param('s', $email); 
     $stmt->execute(); 
     $stmt->store_result(); 
     $stmt->bind_result($user_id, $username, $db_password, $userrole); 
     $stmt->fetch(); 

     if ($stmt->num_rows == 1) { 
      if (checkbrute($user_id) == true) { 
      return false; 
     } else { 
      if (password_verify($password, $db_password)) { 
       $user_browser = $_SERVER['HTTP_USER_AGENT']; 
       $_SESSION['user_id'] = $user_id; 
       $_SESSION['username'] = $username; 
       $_SESSION['login_string'] = hash('sha512', 
          $db_password . $user_browser); 
       $_SESSION['userrole'] = $userrole; 
       // Login successful. 
       return true; 
      } else { 
       $now = time(); 
       $conn->query("INSERT INTO login_attempts(idOccupant, time) 
           VALUES ('$user_id', '$now')"); 

       return false; 
      } 
     } 
    } else { 

     return false; 
    } 
} 
}

重定向页面home.php位于本地主机:1080/basefolder /管理/ home.php:

<?php 
    include 'php/adminloginfunctions.php'; 
    echo $_SESSION['userrole']; 
?>

的错误而导致:

Notice: Undefined index: userrole in 'folder link' on line 3

用完的东西尝试,任何帮助将是伟大的。

来源

2016-03-08 Caz1224

+0

快速更新:监视服务器端生成的cookie。当生成登录页面时,会创建一个空的cookie。一旦登录按钮被击中,将创建一个包含登录详细信息的cookie。然后在重定向时创建第三个空的cookie。我想知道这可能是一个问题吗? – Caz1224

+0

更新:在“session_set_cookie_params”中将安全设置设置为false似乎解决了问题。当然,这不是一个好的解决方案? – Caz1224

回答

0

在“session_set_cookie_params”中将安全设置为false似乎解决了问题。

function sec_session_start() { 
$session_name = 'sec_session_id'; 
$secure = FALSE; 
$httponly = true; 
if (ini_set('session.use_only_cookies', 1) === FALSE) { 
    header("Location: ../error.php?err=Could not initiate a safe session   (ini_set)"); 
    exit(); 
} 
    $cookieParams = session_get_cookie_params(); 
    session_set_cookie_params($cookieParams["lifetime"], 
    $cookieParams["path"], 
    $cookieParams["domain"], 
    $secure, 
    $httponly); 
    session_name($session_name); 
    session_start(); 
    session_regenerate_id(true); 
}

来源

2016-03-08 10:16:41 Caz1224

相关问题

 相关问题