php 通过 url 传递会话 ID
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/827910/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
passing session id via url
提问by stefs
I'm trying to get my script to use url session id instead of cookies. The following page is not picking up the variable in the url as the session id. I must be missing something.
我试图让我的脚本使用 url 会话 ID 而不是 cookie。下面的页面没有选择 url 中的变量作为会话 id。我肯定错过了什么。
First page http://www.website.com/start.php
首页http://www.website.com/start.php
ini_set("session.use_cookies",0);
ini_set("session.use_trans_sid",1);
session_start();
$session_id = session_id();
header("location: target.php?session_id=". $session_id );
Following page - http://www.website.com/target.php?session_id=rj3ids98dhpa0mcf3jc89mq1t0
以下页面 - http://www.website.com/target.php?session_id=rj3ids98dhpa0mcf3jc89mq1t0
ini_set("session.use_cookies",0);
ini_set("session.use_trans_sid",1);
print_r($_SESSION);
print(session_id())
Result is a different session id and the session is blank.
结果是不同的会话 ID,会话为空。
Array ( [debug] => no ) pt1t38347bs6jc9ruv2ecpv7o2
数组([调试] => 否)pt1t38347bs6jc9ruv2ecpv7o2
回答by stefs
be careful when using the url to pass session ids, that could lead to session hiHymaning via the referer!
使用 url 传递会话 ID 时要小心,这可能会导致通过引用进行会话劫持!
回答by Jeremy Logan
It looks like you just need to call session_start()on the second page.
看起来您只需要在第二页上调用session_start() 即可。
From the docs:
从文档:
session_start() creates a session or resumes the current one based on the current session id that's being passed via a request, such as GET, POST, or a cookie.
session_start() 根据通过请求(例如 GET、POST 或 cookie)传递的当前会话 ID 创建会话或恢复当前会话。
EDIT:
编辑:
That said, you could also try manually grabbing the session id from the query string. On the second page you'd need to do something like:
也就是说,您还可以尝试从查询字符串中手动获取会话 ID。在第二页上,您需要执行以下操作:
ini_set("session.use_cookies",0);
ini_set("session.use_trans_sid",1);
session_id($_GET['session_id']);
print_r($_SESSION);
print(session_id());
Note that the session_id()function will set the id if you pass it the id as a parameter.
请注意,如果您将 id 作为参数传递给session_id()函数,它将设置 id。
回答by relativityboy
My issue was using Flash in FF (as flash piggy backs IE, so sessions are not shared between the flash object and firefox)
我的问题是在 FF 中使用 Flash(因为 Flash 搭载 IE,所以 Flash 对象和 firefox 之间不共享会话)
Using php 5.3 all these answers pointed at the truth. What I finally found to work was pretty simple.. pass the id in the query string. Set it. THEN start the session.
使用 php 5.3 所有这些答案都指向了事实。我最终发现的工作非常简单.. 在查询字符串中传递 id。设置它。然后开始会话。
session_id($_GET['PHPSESSID']);
session_start();
回答by Niloy Mondal
Instead of hardcoding 'PHPSESSID', use this:
而不是 hardcoding 'PHPSESSID',使用这个:
session_id($_GET[session_name()]);
回答by Ruslan Kayumov
Just a little correction ... Don't forget to check param if it exists. This worked for me well.
只是一点点更正......不要忘记检查参数是否存在。这对我很有效。
if (isset($_GET['PHPSESSID'])) {
session_id($_GET['PHPSESSID']);
}
session_start();
