php php页面重定向后会话丢失
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3023353/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Session lost after page redirect in php
提问by King Julien
When I use php header redirection all session variables are lost... Some people say that adding exit(); just after the header(""); will solve the problem but it doesn't seem to be the solution...
当我使用 php 头重定向时,所有会话变量都丢失了...有人说添加 exit(); 就在标题之后(“”);会解决问题,但它似乎不是解决方案......
Can anyone please help?
有人可以帮忙吗?
Here is how I store variable into the session:
这是我将变量存储到会话中的方式:
include 'dbc.php';
$err = array();
foreach($_GET as $key => $value) {
$get[$key] = filter($value); //get variables are filtered.
}
if ($_POST['doLogin']=='Login')
{
foreach($_POST as $key => $value) {
$data[$key] = filter($value); // post variables are filtered
}
$user_email = $data['usr_email'];
$pass = $data['pwd'];
if (strpos($user_email,'@') === false) {
$user_cond = "user_name='$user_email'";
} else {
$user_cond = "user_email='$user_email'";
}
$result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level` FROM users WHERE
$user_cond
AND `banned` = '0'
") or die (mysql_error());
$num = mysql_num_rows($result);
// Match row found with more than 1 results - the user is authenticated.
if ( $num > 0 ) {
list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result);
if(!$approved) {
//$msg = urlencode("Account not activated. Please check your email for activation code");
$err[] = "Account not activated. Please check your email for activation code";
//header("Location: login.php?msg=$msg");
//exit();
}
//check against salt
if ($pwd === PwdHash($pass,substr($pwd,0,9))) {
// this sets session and logs user in
session_start();
session_regenerate_id (true); //prevent against session fixation attacks.
// this sets variables in the session
$_SESSION['user_id']= $id;
$_SESSION['user_name'] = $full_name;
$_SESSION['user_level'] = $user_level;
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
//update the timestamp and key for cookie
$stamp = time();
$ckey = GenKey();
mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());
//set a cookie
if(isset($_POST['remember'])){
setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");
}
if(empty($err)){
header("Location: myaccount.php");
}
}
else
{
//$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
$err[] = "Invalid Login. Please try again with correct user email and password.";
//header("Location: login.php?msg=$msg");
}
} else {
$err[] = "Error - Invalid login. No such user exists";
}
}
Redirection code:
重定向代码:
//connect database
require_once 'dbc.php';
page_protect();
$authorID = $_SESSION['user_id'];
if ( !empty($_POST["answ_content"]) && $authorID != 0 ) {
//vaqciot html chveulebriv texad
$content = htmlentities($_POST["answ_content"],ENT_COMPAT,'UTF-8');
$dro = date('Y-m-d H:i:s');
$qID = $_POST["question_ID"];
$author = $_SESSION["user_name"];
$sql="INSERT INTO wp_comments (comment_ID, comment_post_ID, comment_author, comment_author_IP, comment_date, comment_content, user_id)
VALUES
(NULL, '$qID', '$author', '123.123.123.123', '$dro', '$content', '$authorID')";
$result = mysql_query($sql);
//pasuxebis raodenobis ertit gazrda
$increase = "UPDATE wp_posts SET comment_count = comment_count+1 WHERE ID = $qID";
mysql_query($increase);
//gadamisamarteba shekitxvis gverdze
$url = 'Location:http://example.com/site/answ/question.php?ID=' .$qID;
header($url);
} else {
echo 'error';
}
回答by Lizard
You need to put exit();after your header redirection, otherwise you have just loaded two pages of content into 1 page.
您需要exit();在标题重定向之后放置,否则您刚刚将两页内容加载到 1 页中。
Also make sure you have session_start();at the top of all your scripts.
还要确保您session_start();位于所有脚本的顶部。
回答by Joseph
You aren't starting the session. In order to use session variables and have them carry across pages, you need to put
您没有开始会话。为了使用会话变量并让它们跨页面进行,您需要将
session_start();
at the top of each page before anything else.
在任何其他内容之前的每一页的顶部。
回答by emreozdemir
I was trying to set the session id of my own using :
我试图使用以下方法设置我自己的会话 ID:
session_id('own_generated_session_id_string');
But as the documentationsays, you have to use this before
但是正如文档所说,您必须在此之前使用它
session_start();
Using it after session_start(), clears the session parameters.
在 session_start() 之后使用它,清除会话参数。
回答by dvancouver
Simples! make sure the page you are coming from (e.g. www.example.com) redirects to a (eg.g www.example.com/redirect.php) notice www at the beginning. If you change that from page to page, then yes things get wonky.
简单!确保您来自的页面(例如 www.example.com)在开头重定向到(例如 www.example.com/redirect.php)通知 www。如果您逐页更改它,那么是的,事情会变得不稳定。
回答by user1495956
These sessions does not always work as we expect sometimes. I had a similar problem with my website using sessions that get lost. I basically solved it by injecting the value I want to keep on the session into the hidden text field the first time the page loads. Then the second time I call the page(page submit) I simply read the value from the hidden text field and carry on with rest of my code.
这些会话有时并不总是像我们期望的那样工作。我的网站使用丢失的会话时遇到了类似的问题。我基本上通过在页面第一次加载时将我想保留在会话中的值注入隐藏文本字段来解决它。然后我第二次调用页面(页面提交)时,我只是从隐藏的文本字段中读取值并继续我的其余代码。
That's more easier and cleaner than using sessions in this case!
在这种情况下,这比使用会话更容易、更干净!
回答by Lovepreet Singh
exit; should be placed after header redirection or session_regenerate_id(true); can be used
出口; 应该放在头重定向或 session_regenerate_id(true) 之后;可以使用
回答by Arvind
You just need to check the file permission in /var/lib/phpdirectory give yje public permisssion to /var/lib/php/sessiondirectory.
您只需要检查/var/lib/php目录中的文件权限,将 yje 公共权限授予/var/lib/php/session目录。
and all done.
并全部完成。
