无法在 php 中使用会话 [英] fail to use session in php

问题描述

我阅读了一些关于如何保护会话的内容，我决定将 session_id 保存到数据库中，然后在加密后将其保存到会话变量中.

I read a bit on how to secure a session and what I decided to do was to save the session_id to the database, and then save it to a session variable after it has been encrypted.

这是我用于加密的类(由 Orielly 书籍作者编写):

Here is the class that I used for the encryption (it was writen by Orielly books author):

使用 session_set_save_handler 的加密类

我是这样应用的:

ini_set('session.use_only_cookies',true);       

//calls the session class.  
 require_once(dirname(__file__)."/../../Administrator/secure_session.php");
             session_start();

            if( !isset($_SESSION['mod']) )          
            {   
                Moderator::insert_moderator($name,session_id());    

                $_SESSION['mod']= session_id();

                $_SESSION['time']=time();

                echo "<br/>Moderator session: ".$_SESSION['mod'];
            }

这是抛出的异常:

致命错误:未捕获的异常异常"，消息为我无法生成安全的伪随机密钥.请在 C:\xampp\htdocs\PoliticalForum\Administrator\secure_session.php:74 堆栈跟踪:#0 C:\xampp\htdocs\PoliticalForum\Administrator\secure_session.php(107) 中使用 PHP >= 5.3 或 Mcrypt 扩展名:SecureSession->_randomKey(32) #1 [内部函数]: SecureSession->open('C:\xampp\htdocs...', 'PHPSESSID') #2 C:\xampp\htdocs\PoliticalForum\StoredProcedure\User\headerSite.php(43): session_start() #3 C:\xampp\htdocs\PoliticalForum\mainHome.php(14): include_once('C:\xampp\htdocs...') #4 {main} 在 C 中抛出:\xampp\htdocs\PoliticalForum\Administrator\secure_session.php 第 74 行

Fatal error: Uncaught exception 'Exception' with message 'I cannot generate a secure pseudo-random key. Please use PHP >= 5.3 or Mcrypt extension' in C:\xampp\htdocs\PoliticalForum\Administrator\secure_session.php:74 Stack trace: #0 C:\xampp\htdocs\PoliticalForum\Administrator\secure_session.php(107): SecureSession->_randomKey(32) #1 [internal function]: SecureSession->open('C:\xampp\htdocs...', 'PHPSESSID') #2 C:\xampp\htdocs\PoliticalForum\StoredProcedure\User\headerSite.php(43): session_start() #3 C:\xampp\htdocs\PoliticalForum\mainHome.php(14): include_once('C:\xampp\htdocs...') #4 {main} thrown in C:\xampp\htdocs\PoliticalForum\Administrator\secure_session.php on line 74

我做错了什么，我该如何解决这个问题，因为我不太了解加密！

What am I doing wrong, how can I fix this, cause I dont understand much of encryption!

推荐答案

例外是因为您可能正在使用 PHP <5.3 或者你的 php.ini 中没有包含 mcrypt 扩展

The exception is because you're probably using PHP < 5.3 or you didn't include the mcrypt extension in your php.ini

在您的错误日志中，如果您查看该类的第 74 行:

In your error log says line 74 of the class, if you look at it:

(71)    if (defined(MCRYPT_DEV_URANDOM)) {
(72)        return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
(73)    } else {
(74)       throw new Exception("I cannot generate a secure pseudo-random key. Please use PHP >= 5.3 or Mcrypt extension");
(75)    }

这意味着未定义 MCRYPT_DEV_URANDOM，如果您查看 php.net 你会看到它是在 PHP >= 5.3 中在 Widnows 平台上引入的

that means that MCRYPT_DEV_URANDOM is not defined, and if you look in php.net you'll see that it was introduced in PHP >= 5.3 on Widnows platforms

要更新 PHP，请从此处 或 这里 (Windows)

To update you PHP download the latest stable version from here or here (Windows)

这篇关于无法在 php 中使用会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！