PHP session problem

Time: 2010-01-06 09:09:10

Tags: php security session-variables

I have a hell of a problem that I can't understand for the life of me. I set up a super simple CMS for a client. Every page of the CMS includes a file called session.php:

session_start(); 
$username = $_SESSION['siteadmin'];
if (!$_SESSION['siteadmin']){
    header( 'Location: login.php?status=2' );
}  

Every so often, random things vanish from the database. So I set up a crude logging system that records any action performed through the CMS. Well, it happened again. The log shows:

Logged in                           **.**.237.209   17:18  <-- that's me
Deleted board member id 12  195.42.102.25   16:49 
Deleted board member id 15  195.42.102.25   16:49 
Deleted board member id 8   195.42.102.25   16:49 
Deleted board member id 10  195.42.102.25   16:49 
Deleted board member id 9   195.42.102.25   16:49 
Deleted board member id 4   195.42.102.25   16:49 
Deleted board member id 3   195.42.102.25   16:49 
Deleted board member id 5   195.42.102.25   16:49 
Deleted board member id 6   195.42.102.25   16:49 
Deleted board member id 11  195.42.102.25   16:49 
Deleted board member id 7   195.42.102.25   16:49 
Deleted review id 2             195.42.102.25   16:49 
Deleted review id 3             195.42.102.25   16:49

This goes on for a few pages. It doesn't even show 195.42.102.25 logging in! Last time it happened it was 195.128.18.19. How are they loading the page without the session variable? Is there a security hole in my code that I'm completely overlooking?!

Any insight into this would be great.

Thanks,

3 answers:

Answer 0 (score: 8)

Add exit after the header.

Answer 1 (score: 3)

Actually, put an exit or die after the header.

It's easy to simply not follow the header redirect and receive the content that ends up executing anyway.

There's an interesting (and more complete) post about this on The Daily WTF that I can't find at the moment.

EDIT: found it! :) http://thedailywtf.com/Articles/WellIntentioned-Destruction.aspx

Answer 2 (score: 0)

Consider adding session_regenerate_id() after session_start. This will prevent session cookie stealing (if you use that function, the PHPSESSID in the cookie is regenerated on every page load), which may be what is happening here (on top of the exit issue from the answers above).
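A hardened version of the asker's session.php that applies both points from the answers (an exit after the redirect, and session id regeneration), as an added example and not code from the asker or any answerer. It assumes login.php sets $_SESSION['siteadmin'] to the admin's username after verifying the password, which the question does not show.

```php
<?php
// Added example: hardened session.php for the CMS described in the question.
// Assumption: login.php stores the verified admin username in
// $_SESSION['siteadmin']; nothing else about login.php is known from the page.

session_start();

// Point 1 (answers 0 and 1): a Location header is only a suggestion to the
// client. The original file sent the header and then kept running, so a client
// that ignores the redirect still executes the page that included session.php
// (the delete actions in the log). exit stops PHP right here.
if (empty($_SESSION['siteadmin'])) {
    header('Location: login.php?status=2');
    exit;
}

// Point 2 (answer 2): issue a fresh session id on every authenticated page load.
// Passing true deletes the old session file, so a previously copied PHPSESSID
// cookie no longer maps to a logged-in session.
session_regenerate_id(true);

$username = $_SESSION['siteadmin'];
```

Because every CMS page includes this file, the check above runs before any page-specific code, so no action can execute for a request that lacks the session variable.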