PHP如何使用Cookie在同一浏览器中管理多个会话? [英] PHP how to manage multiple session in same browser using cookies?

问题描述

我是PHP的新手，我在阅读其他文章时都没有找到想要的答案，但是仍然不知道我想做的事情是否有意义.

I'm new to PHP, I read other articles without finding the answer I'm looking for, but still don't know if what I want to do makes sense or not.

我正在使用PHP 7.

I'm using PHP 7.

我的用户身份验证页面，检查凭据，然后执行 session_start()，在浏览器中创建会话服务器端和cookie客户端.

My user authentication page, checks credentials and then executes session_start(), creating the session server-side and a cookie client-side in the browser.

Web应用程序的每个其他页面然后调用 session_start()以恢复会话信息，在这种情况下，将检查cookie.到目前为止，一切正常……至少在我一次登录时.

Each other page of the web application then calls session_start() to resume session information, in this case checking the cookie. Everything works fine so far... at least when I have a single login.

我希望能够使用Cookie同时在同一个浏览器中(例如，在另一个选项卡上的 .)同时登录多个用户.我不想将会话ID附加到URL.

I'd like to be able to have more than one user SIMULTANEOUSLY logged in the same browser (on another tab for example.) using cookie. I don't want to append the session ID to the URL.

我设法根据用户名在身份验证页面中的 session_start()之前使用 session_id()在服务器端创建了不同的会话，但是问题出在客户端.

I managed to create different session on the server-side using session_id() before session_start() in the authentication page based on username, but the problem is on the client side.

第一次成功登录( session_start())创建一个cookie，第二次登录更新相同的cookie，从而破坏了先前创建的会话.

The first successful login (session_start()) creates a cookie and the second login updates the same cookie corrupting the previously created session.

因此，当要恢复会话时， session_start()将仅恢复最后一个会话，并混合基于会话信息从数据库中获取的数据.

Therefore when it comes to resume the session, session_start() will resume only the last session, mixing the data fetched from DB based on session info.

是否可以使 session_start()为每次登录创建一个cookie，并使PHP使用cookie恢复正确的会话?

Is there a way to make session_start() create a cookie for each login and make PHP resume the correct session using cookies?

有什么想法吗?

更多详细信息:我正在更新旧版应用，试图解决一些安全问题.出于管理目的，管理员需要访问同一站点，因此需要进行多个会话.需要分开会话的原因是，根据会话信息，数据是从其他数据库中获取的.因此，常规用法每个用户只需要一个会话，但是管理员需要进行多次登录才能根据该登录查看不同的数据.

FURTHER DETAILS: I'm updating a legacy app trying to fix some security issue. The need for multiple sessions comes from administrative purposeses where admins access the same site. The reason why it's needed a separation of session is that depending of the session info, the data are fetched from a different database. Therefore, a regular usage would only need one session per user, but the administrator he needs to make multiple logins viewing different data depending on that login.

推荐答案

您可以使用相同的会话，但可以更改要查找的变量名称:

You can use the same session but change the variable names that you are looking for:

if ( $_SERVER['REQUEST_URI'] == '/admin/' ):
    $session_name = 'session1';
else:
    $session_name = 'session2';
endif;
session_start( $session_name );

这篇关于PHP如何使用Cookie在同一浏览器中管理多个会话?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！