PHP 会话变量在关闭 Firefox 后保持设置 [英] PHP Session Variables Stay Set After Closing Firefox

问题描述

可能的重复:
Firefox 会话 cookie

我正在创建一个网站，用户只能在登录时查看某些页面.为此，我检查是否设置了 $_SESSION['uid']，如果没有，我发送用户返回主页而不是私人页面.但是，在用户关闭浏览器后，$_SESSION['uid'] 保持设置，因此用户无需再次登录即可查看私人页面.为什么是这样?为什么 $_SESSION['uid'] 变量在浏览器会话中保持设置?该网站在 Chrome 中正常运行，但在 FF 中不能正常运行.

I'm creating a website in which users are allowed to view certain pages only when logged in. To accomplish this, I check to see if $_SESSION['uid'] is set and if it is not, I send the user back to the homepage instead of to the private page. However, after the user closes his browser, $_SESSION['uid'] stays set and so the user is allowed to view the private page without having to log in again. Why is this? Why is the $_SESSION['uid'] variable staying set across browser sessions? The site works properly in Chrome but not FF.

推荐答案

您可以尝试更改 PHP 设置以强制过期时间:

You can try to change the PHP settings to force the expire times:

ini_set('session.cookie_lifetime', 0);
ini_set("session.cache_expire", 0);

这也可以(在您关闭浏览器时自动使 cookie 过期):

This could also work (automatically expires the cookie when you close the browser):

ini_set('session.use_only_cookies', 0);

这篇关于PHP 会话变量在关闭 Firefox 后保持设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！