err its possible to override the default settings of your host by creating your own .htaccess file and here's a great tutorial if you havent touched that yet http://www.askapache.com/htaccess/apache-htaccess.html

错误可以通过创建自己的 .htaccess 文件来覆盖主机的默认设置，如果您还没有接触过，这里有一个很棒的教程 http://www.askapache.com/htaccess/apache-htaccess.html

or if you're too lazy to learn just create a ".htaccess" file (yes that's the filename) on your sites directory and place the following code

或者，如果您懒得学习，只需在您的站点目录中创建一个“.htaccess”文件（是的，这就是文件名）并放置以下代码

SetEnv session.use_cookies='0';

Use ini_set():

使用ini_set()：

ini_set('session.use_cookies', '0');

Or in your php.ini file:

或者在你的 php.ini 文件中：

session.use_cookies = 0

You can also put that setting in .htaccess so it applies to all scripts, otherwise you need to ensure that code is called on each request.

您还可以将该设置放在 .htaccess 中，使其适用于所有脚本，否则您需要确保在每个请求上调用代码。

Eg.

例如。

php_value session.use_cookies 0

php_value session.use_cookies 0

If you just need to be able to zap a session at a given time, use session_destroy(). If you want to completely end the session, here's a snippet copy/pasted straight out of the documentation:

如果您只需要能够在给定时间清除会话，请使用 session_destroy()。如果你想完全结束会话，这里有一个直接从文档中复制/粘贴的片段：

// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time()-42000, '/');
}

// Finally, destroy the session.
session_destroy();

I was having trouble with PHP's documented approach to destroying a session w/ cookies.

我在使用 PHP 记录的方法来破坏带有 cookie 的会话时遇到了麻烦。

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

This was resulting in my seeing the cookie set twice:

这导致我看到 cookie 设置两次：

Set-Cookie: SESSION_NAME=deleted; expires=Sat, 08-Jan-2011 14:09:10 GMT; path=/; secure
Set-Cookie: SESSION_NAME=1_4f09a3871d483; path=/

As documented in the PHP comments, setting the cookie value to something other than empty ('') gets rid of the "deleted" value, but the second cookie set remained.

如 PHP 注释中所述，将 cookie 值设置为除空 ('') 以外的值会消除“已删除”值，但第二个 cookie 集仍然存在。

To get rid of that, I had to add the code suggested above:

为了摆脱这种情况，我不得不添加上面建议的代码：

ini_set('session.use_cookies', '0');

I haven't looked at the source for sessions handling, but my guess is that setcookie(...) is bypassing the sessions module, so sessions doesn't know I called it. So, it is setting a default cookie after I set up a deleted cookie.

我没有查看会话处理的源代码，但我的猜测是 setcookie(...) 绕过了会话模块，所以会话不知道我调用了它。因此，在我设置已删除的 cookie 后，它正在设置默认 cookie。

I was testing on a mac: PHP 5.3.6 with Suhosin-Patch (cli) (built: Sep 8 2011 19:34:00)

我在 mac 上测试：PHP 5.3.6 with Suhosin-Patch (cli)（构建时间：2011 年 9 月 8 日 19:34:00）

The way to do it is to setup sessions yourself.

这样做的方法是自己设置会话。

In the central include file that all your other files are including (you do have one of those, right?), you need to do a few things as early as is practical.

在所有其他文件都包含的中央包含文件中（您确实有其中之一，对吗？），您需要在可行的情况下尽早做一些事情。

if( !array_key_exists('sessionid', $_POST) ) {
    // recreate the sessionid
    $sessionid = md5(rand().' '.microtime()); // Or something
} else {
    $sessionid = $_POST['sessionid'];

session_id($sessionid);
session_start();

Now you have to remember that as soon as you start the form, you need to include:

现在您必须记住，一旦您开始填写表格，您就需要包括：

<input type='hidden' name='sessionid'><?= session_id() ?></input>