我的网站会话存在问题。我建立了一个网站,要求用户登录才能查看网页。它在我的域下工作完全完美,但是当我将所有文件上传到不同的服务器时,临时性让客户端在这个服务器上预览网页我得到了这个问题我在标题中说明了。它会自动说密码不正确。您仍然可以正常登录,但如果您尝试导航到网站中的其他页面,它会在99%的时间内将您登录。</ p>
我正在使用PHPSecurePages作为我的登录表单,所以在我的每个网页的开头我都有
<?php
// Connect To Secure Login
$cfgProgDir = 'phpSecurePages/';
include($cfgProgDir . "secure.php");
这就是secure.php的样子
// Create a constant that can be checked inside the files to be included.
// This gives an indication if secure.php has been loaded correctly.
define('LOADED_PROPERLY', true);
// Check if secure.php has been loaded correctly
if (isset($_GET['cfgProgDir']) || isset($_POST['cfgProgDir']) || isset($_GET['languageFile']) || isset($_POST['languageFile'])) {
echo "Parsing of phpSecurePages has been halted!";
exit();
}
// include configuration
require($cfgProgDir . 'config.php');
// https support
if (getenv('HTTPS') == 'on') {
$cfgUrl = 'https://';
}
else {
$cfgUrl = 'http://';
}
// getting other variables
$phpSP_message = false;
// include functions and variables
if ( !defined("FUNCTIONS_LOADED") ) {
// check if functions were already loaded
include($cfgProgDir . 'objects/functions.php');
}
include($cfgProgDir . 'lng/' . $languageFile);
// choose between login or logout
if (isset($logout) && !(isset($_GET['logout']) || isset($_POST['logout']))) {
// logout
include($cfgProgDir . 'objects/logout.php');
}
else {
// starting login check
if ($noDetailedMessages == true) {
$strUserNotExist = $strUserNotAllowed = $strPwNotFound = $strPwFalse = $strNoPassword = $strNoAccess;
}
// make post variables global
if (isset($_POST['entered_login'])) $entered_login = $_POST['entered_login'];
if (isset($_POST['entered_password'])) $entered_password = $_POST['entered_password'];
// check if login is necessary
include($cfgProgDir . "objects/checklogin.php");
// check if IP is allowed (if using IP-restriced access)
if ($use_IP_restricted_access==true) {
include($cfgProgDir . "objects/checklogin_ip.php");
}
// check login with Database
if ($useDatabase == true) {
include($cfgProgDir . 'objects/checklogin_db.php');
}
// check login with Data
elseif ($useData == true) {
include($cfgProgDir . 'objects/checklogin_data.php');
}
它检查这个php文件(checklogin.php)
// check if login is necessary
// Check if secure.php has been loaded correctly
if ( !defined("LOADED_PROPERLY") || isset($_GET['cfgProgDir']) || isset($_POST['cfgProgDir'])) {
echo "Parsing of phpSecurePages has been halted!";
exit();
}
if (!isset($entered_login) && !isset($entered_password)) {
// use data from session
session_start();
// session hack to make sessions on old php4 versions work
if (phpversion() > 4.0) {
if (isset($_SESSION['login'])) $login = $_SESSION['login'];
if (isset($_SESSION['password'])) $password = $_SESSION['password'];
}
}
else {
// use entered data
session_start();
// session hack to make sessions on old php4 versions work
if (phpversion() <= 4.0) {
session_unregister("login");
session_unregister("password");
}
// encrypt entered login & password
$login = $entered_login;
if ($passwordEncryptedWithMD5 && function_exists(md5)) {
$password = md5($entered_password);
}
else {
$password = $entered_password;
}
// session hack to make sessions on old php4 versions work
if (phpversion() > 4.0) {
$_SESSION['login'] = $login;
$_SESSION['password'] = $password;
}
else {
session_register("login");
session_register("password");
}
}
if (!isset($login)) {
// no login available
include($cfgProgDir . "interface.php");
exit;
}
if (!isset($password)) {
// no password available
$phpSP_message = $strNoPassword;
include($cfgProgDir . "interface.php");
exit;
}
// login and password variables exist
// continue to checking them
?>