Internet Explorer中的PHP会话数据更改 [英] PHP session data changes in Internet Explorer
问题描述
我已经定义了一个使用PHP存储令牌的会话,如下所示:
I've defined a session to storing token using PHP like below:
$_SESSION['token'] = sha1(uniqid(mt_rand(), true));
当我想阅读本次会议时,我在Chrome或Firefox中没有任何问题.但是在IE中,它会在重新生成之前更改为其他内容.例如,如果我将其值存储在表单的隐藏字段中并提交,如下所示:
when I want to read this session, I have not any problem in Chrome or Firefox. But in IE, it changes to something else before regenerating. For example if I store its value in a hidden field of form and submit it like this:
<input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" />
我将在下一页的IE中获得此结果:
I will get this result in IE in the next page:
echo $_SESSION['token']; // shows 1b05fab5ec11f1d50713aea6e74f84727d29b4a3
echo $_POST['token']; // shows e8fac6d55b04d1752f37ecde953f7f08b112ccca
如果我在创建后立即甚至在其创建页面的末尾打印$_SESSION['token'],它就会准确地显示内容,而不会出现问题.
Whereas if I print $_SESSION['token'] immediately after creation or even in end of its creation page, it shows the content exactly and with no problem.
这是什么问题?
修改:
这是我的表格:
This is my form :
<form action="process/login.php" method="post">
<input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>" />
<label>Email: </label><input type="text" name="email" />
<div class="space"></div>
<label>Password: </label><input type="password" name="password" />
<div class="space"></div>
<input type="submit" value="Login" class="button" />
</form>
推荐答案
由于PHP和会话存储是服务器端,而IE显然是客户端,因此问题不在于会话代码中.
Since PHP and session storage are server side and IE is obviously a client, the problem does not reside in your session code.
通常通过cookie(会话cookie)或通过POST/GET变量来跟踪会话.在PHP中,默认情况下,该值名为PHPSESSID.
Sessions are usually kept track of by a cookie (session cookie) or though a POST/GET variable. By default in PHP this value is named PHPSESSID.
在您的情况下,可能链接到服务器端会话的会话cookie或POST/GET变量在IE中无法正常运行.如果使用Cookie,则可能与Cookie设置以及是否允许使用Cookie有关.如果是POST/GET,则可能是您的HTML格式错误,而IE却不喜欢,但其他浏览器确实可以理解.
Probably, in your case either the session cookie or POST/GET variable that is linked to your server side session is not coming over okay in IE. In case of a cookie, it might have to do with cookie settings and whether or not cookies are allowed at all. In case of a POST/GET it could be that your HTML is malformed in a way that IE doesn't like, but other browser do understand.
现在,一旦该值在IE中丢失,PHP就会为浏览器在每个请求上分配一个新的会话,并在每个请求上重新生成会话令牌.但是您的隐藏字段也会记住旧令牌...
Now once that value is lost in IE, PHP assigns that browser a new session on each request, and the session token is regenerated on each request. But your hidden field remembers the old token as well...
如果您向我们显示更多代码(可以编辑问题),我可以编辑答案以提供更多详细信息.
If you show us more code (you can edit your question), I can edit my answer to give you more details.
修改 您可以从向我们展示有关会话和会话cookie的相关php.ini设置行开始.并仔细检查您的IE cookie设置.具体来说,我想知道您是否设置了cookie_path,从而使cookie仅在同一目录中可用.
edit You can start by showing us the relevant php.ini settings lines that concern sessions and session cookies. And by double checking your IE cookie settings. In specific I would like to know if you have set a cookie_path, making cookies only available in the same directory.
也许您甚至已经安装了IE安全设置或安装了防止Cookie的加载项.因此,请尝试检查IE设置并禁用所有加载项,然后再次进行测试.
Maybe you even have an IE security setting or add-on installed preventing cookies. So try checking your IE settings and disable all add-ons and test it again.
还要检查第一页(用于设置会话)和第二页(用于读取会话)是否具有完全相同的域名.
Also check if the first page (that sets the session) and the second page (that reads the session) have EXACTLY the same domain name.
例如,第一页中的www.yourdomain.com不应在第二页中(不带www)或www.yourdomain.com.(在末尾带有一个额外的点)都不是yourdomain.com.
So for example www.yourdomain.com in the first page, should not be yourdomain.com on the second page (without the www) or www.yourdomain.com. (with an extra dot at the end).
这篇关于Internet Explorer中的PHP会话数据更改的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
