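session_start() creates a new session file entry on every request

Time: 2017-01-21 11:01:51

Tags: php session

I am using Angular 2 to make a cross-origin HTTP POST request to a user.php file (the Angular 2 files are on localhost and the API files are on a remote server). user.php uses the session to determine the user's state; the problem is that session_start() creates a new session file entry in the /tmp folder.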

php.ini:

    session.auto_start  Off Off
    session.cache_expire    180 180
    session.cache_limiter   nocache nocache
    session.cookie_domain   no value    no value
    session.cookie_httponly Off Off
    session.cookie_lifetime 0   0
    session.cookie_path /   /
    session.cookie_secure   Off Off
    session.entropy_file    /dev/urandom    /dev/urandom
    session.entropy_length  32  32
    session.gc_divisor  1000    1000
    session.gc_maxlifetime  1440    1440
    session.gc_probability  1   1
    session.hash_bits_per_character 5   5
    session.hash_function   0   0
    session.lazy_write  On  On
    session.name    PHPSESSID   PHPSESSID
    session.referer_check   no value    no value
    session.save_handler    files   files
    session.save_path   /tmp    /tmp
    session.serialize_handler   php php
    session.upload_progress.cleanup On  On
    session.upload_progress.enabled On  On
    session.upload_progress.freq    1%  1%
    session.upload_progress.min_freq    1   1
    session.upload_progress.name    PHP_SESSION_UPLOAD_PROGRESS   PHP_SESSION_UPLOAD_PROGRESS
    session.upload_progress.prefix  upload_progress_    upload_progress_
    session.use_cookies On  On
    session.use_only_cookies    On  On
    session.use_strict_mode Off Off
    session.use_trans_sid   0   0

user.php:

    <?php

    session_start();

    header('Access-Control-Allow-Origin: http://votingsystem.gr:4200');
    header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization');
    header('Content-Type: application/json');

    require_once 'utilities/constants.php';
    // require_once 'utilities/jwt.php';
    // print_r($_SESSION['id']);
    // session_save_path('/tmp');
    if (empty($_SESSION)) {
        $response['empty session'] = 'empty session';
    } else {
        $response['not empty session'] = 'not empty( session)';
    }

    if (file_get_contents('php://input') != null) {

        $data = json_decode(file_get_contents('php://input'));

        // $response['action'] = $data->action;
        if ($data->action != null && !empty($data->action)) {
            // $jwt = new JWT();

            if ($data->action === 'login_admin') {
                // $_SESSION['id'] = 10;
                $_SESSION['username'] = 'admin';
                // $response['id'] = $_SESSION['id'];
                $response['username'] = $_SESSION['username'];
            } else if ($data->action === 'login_user') {
                //for mobile users
            } else if ($data->action === 'check_admin_state') {
                // $response['id'] = $_SESSION['username'];
                if (isset($_SESSION['username'])) {
                    $response['code'] = STATUS_OK;
                    $response['desc'] = 'User authorized.';
                } else {
                    // $response['session'] = $_SESSION;
                    $response['code'] = ERROR_UNAUTHORIZED_USER;
                    $response['desc'] = 'User unathorized.';
                }
            } else {

            }
            // $response['code'] = STATUS_OK;
        } else {
            $response['code'] = ERROR_INVALID_ACTION;
            $response['desc'] = 'Invalid action.';
        }
        // $response['session'] = $_SESSION;
        echo json_encode($response);
    }

    ?>

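1 answer:

Answer 0 (score: 0)

Finally, after a few hours of digging, I found it. The problem was that in cross-origin requests the cookie is not sent to the server, so my Angular code was not sending it. I changed this.

For those who are interested,

Angular 2 code: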

    let headers = new Headers({ 'Content-Type': 'application/json' });
    let options = new RequestOptions({ headers: headers, withCredentials: true });

    let body = { action: 'login_admin', username: 'test', password: 'password' };

    return this.http.post('url',
            JSON.stringify(body), options)
        .map(this.success)
        .catch(this.error);

I added

    header('Access-Control-Allow-Credentials: true');

to the user.php file, and session_start() no longer creates a new file entry; it works as expected.
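
A model of the exchange in this question and answer, as an added example that is not part of the original post: a stand-in server creates a new session whenever no PHPSESSID cookie arrives, and a stand-in browser attaches and stores cookies only when withCredentials is set, then applies the CORS check that requires an explicit origin plus `Access-Control-Allow-Credentials: true`. The function names and session ids are constructed, and only the POST itself is modelled, not the OPTIONS preflight.

```javascript
// Constructed model of the exchange; not real browser or PHP code.
const ORIGIN = 'http://votingsystem.gr:4200'; // origin allowed in user.php

// Server side: mimics session_start() with session.save_handler=files.
function makeServer(allowCredentials) {
  const sessionFiles = new Map(); // stands in for the sess_* files in /tmp
  let counter = 0;
  return {
    sessionFiles,
    handle(req) {
      const headers = { 'Access-Control-Allow-Origin': ORIGIN };
      if (allowCredentials) headers['Access-Control-Allow-Credentials'] = 'true';
      let id = req.cookies.PHPSESSID;
      if (!id || !sessionFiles.has(id)) {
        id = 'sess' + (++counter); // no usable cookie: a new session file
        sessionFiles.set(id, {});
        headers['Set-Cookie'] = { PHPSESSID: id };
      }
      return { headers };
    },
  };
}

// Browser rule for a cross-origin response (the Fetch "CORS check").
function corsCheck(origin, credentialed, headers) {
  const allowed = headers['Access-Control-Allow-Origin'];
  if (!credentialed) return allowed === '*' || allowed === origin;
  return allowed === origin && headers['Access-Control-Allow-Credentials'] === 'true';
}

// Browser side: cookies are attached and stored only for credentialed requests.
function makeBrowser(server, withCredentials) {
  const jar = {};
  return function post() {
    const res = server.handle({ origin: ORIGIN, cookies: withCredentials ? { ...jar } : {} });
    const readable = corsCheck(ORIGIN, withCredentials, res.headers);
    if (withCredentials && res.headers['Set-Cookie']) Object.assign(jar, res.headers['Set-Cookie']);
    return readable; // whether the script may read the response
  };
}

// Run `requests` POSTs; report session files created and response readability.
function simulate(withCredentials, allowCredentials, requests) {
  const server = makeServer(allowCredentials);
  const post = makeBrowser(server, withCredentials);
  let readable = true;
  for (let i = 0; i < requests; i++) readable = post() && readable;
  return { files: server.sessionFiles.size, readable };
}
console.log(simulate(false, false, 3), simulate(true, true, 3));
```

The last check in `corsCheck` is also why a credentialed endpoint has to echo a specific allowed origin: `Access-Control-Allow-Origin: *` is rejected by the browser once credentials are included.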