检查PHP会话而不启动一个会话？ [英] Checking for PHP session without starting one?

问题描述

是否可以检查没有开始的会话？

我问的原因是，我正在开发的应用程序具有集成的管理界面。因此，当管理员登录后，他们将浏览与用户相同的页面以进行编辑。根据用户的权限显示字段和选项。

这会导致两个问题。

一个是因为会话正在启动，我无法启用浏览器缓存功能，因为发送的标头始终是：

 缓存控制：无存储，无-缓存，必须重新验证，后检查= 0，预检查= 0 
  

我正在使用smarty输出模板，并且不能实现：

  $ smarty-> cache_modified_check = true; 
  

发送未修改的304，因为会话已经开始。使用上述聪明的参数对我来说是浏览器缓存的完美解决方案。

两个是因为每个使用该网站的人都在开始会话，因此会话目录会

如果用户未登录，我可以破坏该会话，但是每加载一次页面，用户就会创建和删除一个会话。那是不好的做法吗？

因此，如果我可以检查是否存在活动会话而不启动会话，那么我所有的问题都将得到解决。有任何想法吗？请求页面时浏览器不发送会话cookie吗？

某些情况下最好是这样的：

 如果（session_exists）{
 session_start（）; 
 $ users-> priv = $ _SESSION [’priv’]; 
} 
 else {
 $ users-> priv = guest; 
} 
  

---------------作为回应到Tony Miller ---------------

使用session_id（）时，您必须已经启动了会话才能进行

  session_start（）;返回一个ID。 
 echo session_id（$ _ SESSION）; 
  

，或者您可以在调用会话开始之前为会话设置ID。

  session_id（ adfasdf）; 
 session_start（）; 
 echo session_id（$ _ SESSION）; 
 
 //打印 adfasdf 
  

这些都不对我有帮助。除非我缺少任何东西。

解决方案

您会想要 session_id（） ，如果没有会话，则返回空字符串

文档指出，如果没有会话开始，则返回空字符串（不是 nothing）。

正如2014年的评论所指出的（我在2009年写下了这个答案），如果其中存储有带有会话ID的Cookie，则会话可能会开始可以由 session_start（）拾取。。 p>

从PHP 5.4.0开始，我们现在有了 session_status（），但这在2009年不存在。

Is it possible to check for a session with out starting one?

The reason that I ask is, the app I am developing has an integrated admin interface. So when an admin is logged in they browse the same pages as the users to make their edits. Fields and options are shown based on the users privs.

This is causing two problems.

One is Because a session is being started, I can not enable browser caching features as the headers being sent are always:

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0       

I am using smarty to output the templates, and can't implement the:

$smarty->cache_modified_check = true;

to send a 304 not modified because a session has already been started. Using the above smarty param would be the perfect solution to browser caching for me.

Two is because every person using the site is starting a session the session directory gets filled with unneeded sessions.

I could just destroy the session if the user is not logged in, but then every single page load, the user would be creating and deleting a session. Is that bad practice?

So if I could just check to see if an active session exists without starting one all my problems would be solved. Any ideas? Doesn't the browser send the session cookie when requesting the page?

Something Ideally like this:

if (session_exists) {
 session_start();
 $users->priv = $_SESSION['priv'];
}
else {
 $users->priv = guest;
}

--------------- In response to Tony Miller ---------------

When using session_id(), you have to already have a session started for it to return an id.

session_start();
echo session_id($_SESSION);

or you can set an id for the session before calling session start

session_id("adfasdf");
session_start();
echo session_id($_SESSION);

//prints "adfasdf"

Neither of these help me. Unless I am missing something.

解决方案

You'd be wanting session_id(), which returns empty string if no session is defined.

The documentation indicates that empty string (which is not "nothing") is returned if no session is started.

As the 2014 comments indicate (I wrote this answer in 2009), there is the possibility that a session could start if there is a cookie with a session id stored in it that could be picked up by session_start().

As of PHP 5.4.0, we now have session_status() but this didn't exist in 2009.

这篇关于检查PHP会话而不启动一个会话？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！