如何停止AJAX调用保持一个PHP会话活着 [英] How can i stop an AJAX call keeping a PHP Session alive

问题描述

我有一个身份验证系统，使用CakePHP我的网站。它使用PHP的会话这一点。

I have an authentication system on my site using CakePHP. It uses PHP Sessions for this.

我在的地方是一个AJAX调用一个函数，它检查是否仍登录的用户（运行每分钟的setInterval内）。如果它返回false，那么使用Javascript接受当前的URL，并试图重定向他们，这反过来他们重定向到登录页面。从理论上讲这工作，因为它积极要求用户重新登录，而不是拿着陈旧的会议，这将只是要求他们尽快登录，因为他们点击的东西。我的问题是，我的AJAX调用是保持会话的活。因此，永远不会退出（这是我们不希望）

What i have in place is an AJAX call (within a setInterval running every minute) to a function which checks if the user is still logged in. If it returns false, then the Javascript takes the current URL and attempts to redirect them, which in turn redirects them to the login page. In theory this works because it actively asks the user to re-login instead of holding a stale session which will just ask them to login as soon as they click something. My problem is that my AJAX call is keeping the session alive. So never get logged out (which we don't want)

有什么我可以在CakePHP的或任何其他的方法，我可以用它来阻止这种情况发生？

Is there ANYTHING i can do within CakePHP or any other methods i can use to stop this happening?

推荐答案

添加＆放大器; AJAX = （任何）的查询字符串，当你检查的有效性会议的。

Add &ajax= (anything) to the query string when you're checking for the validity of the session.

然后，改变你的PHP会话code：

Then, alter your PHP session code:

session_start();
if(!isset($_GET["ajax"])) $_SESSION["lastactivity"] = time();
if(now() - $_SESSION["lastactivity"] > 3600){ //3600 seconds
    header("Location: login.php?url="+urlencode(str_replace("&ajax=", "", $_SERVER["REQUEST_URI"])));
    //Example:
    // Location: login.php?url=/sensible/secret.php?mode=show&hide=nothing
    exit;
}

这篇关于如何停止AJAX调用保持一个PHP会话活着的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！