1. 首頁
  2. 問答
  3. 會話在單個域的不同頁面上具有不同的會話ID,非安全頁面!

會話在單個域的不同頁面上具有不同的會話ID,非安全頁面!

2011-03-24 39 views
0

我正在拉我的頭髮在這一個。我曾嘗試製作一個簡單的腳本來存儲會話,因此當用戶關閉瀏覽器時,他們可以稍後再回來,而他們的購物籃仍將保持完好。這一切似乎都很順利,直到我注意到有些物品的籃子裏裝的東西與以前一樣。經過一些檢查後,我注意到這些奇怪頁面上的會話ID是不同的!這是我的代碼,位於我的框架的頂部。會話在單個域的不同頁面上具有不同的會話ID,非安全頁面!

<?php 

session_start(); 
function sessions(){ 
    if(! isset($_COOKIE['PHPSESSID'])) { 
     setcookie("PHPSESSID", session_id(), strtotime('+ 30 days')); 
    }else{ 
     $con = Database::getInstance(); 
     if(session_id() != $_COOKIE['PHPSESSID']) { 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['PHPSESSID'] . "'"); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       $_SESSION['basket'] = unserialize(stripslashes($ar['basket'])); 
       $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' "); 
      } 
      unset($_COOKIE['PHPSESSID']); 
      setcookie("PHPSESSID", session_id(), strtotime('+ 30 days')); 
      header('Location: ' . get_base_url()); 
     }else{ 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['PHPSESSID'] . "'"); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       if(! empty($_SESSION['basket'])) { 
        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . $_COOKIE['PHPSESSID'] . "', data = '" . addslashes(serialize($_SESSION['basket'])) . "' WHERE id = '$id'"); 
       }else{ 
        $con->query("DELETE FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE id = '$id'"); 
       } 
      }else{ 
       if(! empty($_SESSION['basket'])) { 
        $con->query("INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` (`session_id`, `stamp`, `data`) VALUES ('" . $_COOKIE['PHPSESSID'] . "', NOW(), '" . addslashes(serialize($_SESSION['basket'])) . "')"); 
       } 
      } 
     } 
    } 
    echo 'cookie: ' . $_COOKIE['PHPSESSID'] . ' : session(): ' . session_id(); 
} 

?>

對這件事的任何幫助都非常感謝。

**編輯**

我試圖使它更簡單,但還是同樣的問題

<?php 

function sessions(){ 
    $con = Database::getInstance(); 
    if(session_id() == '') { 
     if(isset($_COOKIE['session_id'])) { 
      session_start(); 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['session_id'] . "'"); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       if(session_id() != $_COOKIE['session_id']) { 
        $_COOKIE['session_id'] = session_id(); 
        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' "); 
        $_SESSION['basket'] = unserialize(stripslashes($ar['data'])); 
       }else{ 
        if(isset($_SESSION['basket'])) { 
         $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET data = '" . addslashes(serialize($_SESSION['basket'])) . "' WHERE id = '$id' "); 
        } 
       } 
      }else{ 
       $con->query("INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` (`session_id`, `stamp`, `data`) VALUES ('" . $_COOKIE['session_id'] . "', NOW(), '')");  
      } 
     }else{ 
      session_start(); 
      setcookie("session_id", session_id(), strtotime('+ 30 days')); 
      $_COOKIE['session_id'] = session_id(); 
     } 
    }else{ 
     die('session has previously been created'); 
    } 
    echo 'cookie: ' . $_COOKIE['session_id'] . ' : session(): ' . session_id(); 
} 

?>

來源

2011-03-24 Phil Jackson

+0

檢查在那裏它們被存儲在奇數頁和正常網頁會話cookie路徑 – 2011-03-24 05:13:01

+0

URI:HTTP://本地主機/ ECOM /服裝/男裝/ red_hat_thing餅乾:d488a3qd58vpu2ic3putd7co06:會話():d488a3qd58vpu2ic3putd7co06路徑:C:/wamp/tmp – 2011-03-24 05:17:55

+0

uri:http:// localhost/eCom/clothes/small_men/hat/long_scarf_3 cookie:1gq1q90sg4skjkorf1gg0urah1:session():1gq1q90sg4skjkorf1gg0urah1路徑:c:/ wamp/tmp – 2011-03-24 05:18:35

回答

0 
<?php 

function sessions(){ 
    $con = Database::getInstance(); 
    if(session_id() == '') { 
     session_start(); 
     if(isset($_COOKIE['session_id'])) { 
      $re = $con->query("SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['session_id'] . "'"); 
      display_error($con); 
      if($re->num_rows != 0) { 
       $ar = $re->fetch_assoc(); 
       $id = $ar['id']; 
       if(session_id() != $_COOKIE['session_id']) { 
        setcookie("session_id", '', strtotime('- 30 days'), '/', 'localhost'); 
        setcookie("session_id", session_id(), strtotime('+ 30 days'), '/', 'localhost'); 
        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' "); 
        display_error($con); 
        $_SESSION['basket'] = unserialize(stripslashes($ar['data'])); 
       }else{ 
        if(isset($_SESSION['basket'])) { 
         $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET data = '" . addslashes(serialize($_SESSION['basket'])) . "' WHERE id = '$id' "); 
         display_error($con); 
        } 
       } 
      }else{ 
       $con->query("INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` (`session_id`, `stamp`, `data`) VALUES ('" . $_COOKIE['session_id'] . "', NOW(), '')");  
       display_error($con); 
      } 
     }else{ 
      setcookie("session_id", session_id(), strtotime('+ 30 days'), '/', 'localhost'); 
      $_COOKIE['session_id'] = session_id(); 
     } 
    }else{ 
     die('session has previously been created'); 
    } 
    echo 'cookie: ' . $_COOKIE['session_id'] . ' : session(): ' . session_id(); 
} 

function display_error($con) { 
    if(isset($con->error) && $con->error != '') { 
     die($con->error); 
    } 
} 

?>

上述作品! $ _COOKIES ['foo'] ='bar' * 不會 *僅在腳本期間重新對瀏覽器中的cookie進行重新評估。

另一個問題是需要設置cookie的路徑停止正在創建multipul餅乾。工作和運行順利!

來源

2011-03-24 08:00:57

相關問題

 相關問題