没有 cookie 的 PHP 会话 [英] PHP session without cookies

问题描述

有没有一种方法可以在不放置会话 cookie 的情况下在 PHP 中启动持久会话?是否有其他方法可以跨页面维护会话，例如基于 IP 地址的解决方案?

Is there a way that I can initiate a persistent session in PHP without the placement of a session cookie? Are there other ways of maintaining a session across pages, such as an IP address-based solution?

我提出这个问题的原因是，尽管大多数用户都启用了 cookie，但我想看看是否有办法让登录系统为禁用它的用户工作(尽管我认为禁用 cookie 只是不必要的偏执，就个人而言).

My reason for asking is, is that although most users have cookies on, I want to see if there's a way for a login system to work for those with it disabled (even though I think disabling cookies is just unnecessary paranoia, personally).

推荐答案

我认为要求用户启用 cookie 并不过分.当人们完全关闭它们时，我觉得很愚蠢.

I don't think it's too much to ask your users to enable cookies. I find it silly when people turn them off entirely.

否则，您可以将 session.use_only_cookies 设置为0"以强制将会话 ID 附加到 php 中的 URL.然而，这种方法有几个缺点.主要是将状态保留在 URL 中，而不是 Cookie 标头.如果用户复制并粘贴他们所在页面的 URL，而其他人点击它，他们将使用同一个会话.

Otherwise, you can set your session.use_only_cookies to "0" to force the appendage of a session ID to URLs within your php. This approach, however, has several draw backs. Mainly that of keeping the state within the URL, as opposed to the Cookie header. If a user were to copy and paste the URL of the page they were on, and someone else were to click on it, they would both be using the same session.

<?php
     ini_set("session.use_cookies", 0);
     ini_set("session.use_only_cookies", 0);
     ini_set("session.use_trans_sid", 1);
     ini_set("session.cache_limiter", "");
     session_start();

这篇关于没有 cookie 的 PHP 会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！