会话在单个域,非安全页面的不同页面上具有不同的会话ID!

时间:2011-03-24 05:07:09

标签: php session sessionid

我把头发拉过这一头。我试图创建一个简单的脚本来存储会话,所以当用户关闭浏览器时,他们可以稍后回来,他们的购物篮仍然会很好。这一切似乎都很顺利,直到我发现在某些物品上,篮子里装的物品与之前相同。经过一些检查后,我注意到这些奇怪页面上的会话ID不同!这是我的代码,它位于我的框架的顶部。

<?php

session_start();
function sessions(){
    if( ! isset( $_COOKIE['PHPSESSID'] ) ) {
        setcookie( "PHPSESSID", session_id(), strtotime('+ 30 days') );
    }else{
        $con = Database::getInstance();
        if( session_id() != $_COOKIE['PHPSESSID'] ) {
            $re = $con->query( "SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['PHPSESSID'] . "'" );
            if( $re->num_rows != 0 ) {
                $ar = $re->fetch_assoc();
                $id = $ar['id'];
                $_SESSION['basket'] = unserialize( stripslashes( $ar['basket'] ) );
                $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' " );
            }
            unset($_COOKIE['PHPSESSID']);
            setcookie( "PHPSESSID", session_id(), strtotime('+ 30 days') );
            header('Location: ' . get_base_url() );
        }else{
            $re = $con->query( "SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['PHPSESSID'] . "'" );
            if( $re->num_rows != 0 ) {
                $ar = $re->fetch_assoc();
                $id = $ar['id'];
                if( ! empty( $_SESSION['basket'] ) ) {
                    $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . $_COOKIE['PHPSESSID'] . "', data = '" . addslashes( serialize( $_SESSION['basket'] ) ) . "' WHERE id = '$id'" );
                }else{
                    $con->query( "DELETE FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE id = '$id'" );  
                }
            }else{
                if( ! empty( $_SESSION['basket'] ) ) {
                    $con->query( "INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` ( `session_id`, `stamp`, `data`) VALUES ( '" . $_COOKIE['PHPSESSID'] . "', NOW(), '" . addslashes( serialize( $_SESSION['basket'] ) ) . "' )" );  
                }
            }
        }
    }
    echo 'cookie: ' . $_COOKIE['PHPSESSID'] . ' : session(): ' . session_id();
}

?>

非常感谢任何有关此事的帮助。

**编辑**

我试图让它更简单但仍然是同样的问题

<?php

function sessions(){
    $con = Database::getInstance();
    if( session_id() == '' ) {
        if( isset( $_COOKIE['session_id'] ) ) {
            session_start();
            $re = $con->query( "SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['session_id'] . "'" );
            if( $re->num_rows != 0 ) {
                $ar = $re->fetch_assoc();
                $id = $ar['id'];
                if( session_id() != $_COOKIE['session_id'] ) {
                    $_COOKIE['session_id'] = session_id();
                    $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' " );
                    $_SESSION['basket'] = unserialize( stripslashes( $ar['data'] ) );
                }else{
                    if( isset( $_SESSION['basket'] ) ) {
                        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET data = '" . addslashes( serialize( $_SESSION['basket'] ) ) . "' WHERE id = '$id' " );
                    }
                }   
            }else{
                $con->query( "INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` ( `session_id`, `stamp`, `data`) VALUES ( '" . $_COOKIE['session_id'] . "', NOW(), '' )" );       
            }
        }else{
            session_start();
            setcookie( "session_id", session_id(), strtotime('+ 30 days') );
            $_COOKIE['session_id'] = session_id();
        }
    }else{
        die('session has previously been created'); 
    }
    echo 'cookie: ' . $_COOKIE['session_id'] . ' : session(): ' . session_id();
}

?>

1 个答案:

答案 0 :(得分:0)

<?php

function sessions(){
    $con = Database::getInstance();
    if( session_id() == '' ) {
        session_start();
        if( isset( $_COOKIE['session_id'] ) ) {
            $re = $con->query( "SELECT * FROM `" . TABLE_PREFIX . "_tbl_sessions` WHERE session_id = '" . $_COOKIE['session_id'] . "'" );
            display_error( $con );
            if( $re->num_rows != 0 ) {
                $ar = $re->fetch_assoc();
                $id = $ar['id'];
                if( session_id() != $_COOKIE['session_id'] ) {
                    setcookie( "session_id", '', strtotime('- 30 days'), '/', 'localhost' );
                    setcookie( "session_id", session_id(), strtotime('+ 30 days'), '/', 'localhost' );
                    $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET session_id = '" . session_id() . "' WHERE id = '$id' " );
                    display_error( $con );
                    $_SESSION['basket'] = unserialize( stripslashes( $ar['data'] ) );
                }else{
                    if( isset( $_SESSION['basket'] ) ) {
                        $con->query("UPDATE `" . TABLE_PREFIX . "_tbl_sessions` SET data = '" . addslashes( serialize( $_SESSION['basket'] ) ) . "' WHERE id = '$id' " );
                        display_error( $con );
                    }
                }   
            }else{
                $con->query( "INSERT INTO `" . TABLE_PREFIX . "_tbl_sessions` ( `session_id`, `stamp`, `data`) VALUES ( '" . $_COOKIE['session_id'] . "', NOW(), '' )" );       
                display_error( $con );
            }
        }else{
            setcookie( "session_id", session_id(), strtotime('+ 30 days'), '/', 'localhost' );
            $_COOKIE['session_id'] = session_id();
        }
    }else{
        die('session has previously been created'); 
    }
    echo 'cookie: ' . $_COOKIE['session_id'] . ' : session(): ' . session_id();
}

function display_error( $con ) {
    if( isset( $con->error ) && $con->error != '' ) {
        die( $con->error );
    }
}

?>

以上作品! $ _ COOKIES ['foo'] ='bar' * 不会 *仅在脚本中重新评估浏览器中的Cookie。

另一个问题是需要设置Cookie的路径以停止创建多个Cookie。工作和运行顺利!

相关问题
最新问题