SESSIONS非常错误 [英] something very wrong with SESSIONS

问题描述

对我的英语抱歉，但我会尝试解释我的问题 -
i有网站，使用许多子域
当我在主要子域www.site.com中运行场景，并添加一些信息SESSION在这种情况下，然后我重定向到subdomain.site.com，这里SESSION是空的

这是我的cookie设置

  $ this-> Cookie-> domain =.site.com; 
 $ this-> Cookie-> key = md5（'key'）; 
 $ this-> Cookie-> path ='/'; 
  

我试图将THE SESSION保存在文件中，但不起作用

 配置:: write（'Session.save'，'cake'）; 
  

我试过这个ini_set（'session.cookie_domain'，'.site.com'）;

解决方案

当CakePHP'Security.level'设置为'high'或'medium'时，CakePHP将PHP session.referer_check设置为您的站点主机名。

但是，当用户点击电子邮件客户端中的链接时，查阅者检查测试失败，会话被标记为无效。

您必须执行以下操作：

1）将CakePHP'Security.level'设为低

或

2）为CakePHP提供自定义会话配置，如 here ，将'session.referer_check'设置为空字符串，这样：

  ini_set（'session.referer_check' ''）; 
  

sorry for my english, but i will try to explain my problem - i have site that using a lot of subdomains when I run scenario in main subdomain www.site.com and add some information to The SESSION inside that scenario, then I redirected to subdomain.site.com, and here the SESSION is empty

this is my settings for cookie

$this->Cookie->domain = ".site.com";        
$this->Cookie->key = md5('key');        
$this->Cookie->path = '/';

i tried to save THE SESSION in files, but it doesn't helps

Configure::write('Session.save', 'cake');

i tried this ini_set('session.cookie_domain', '.site.com'); but it didn't helps too

any ideas?

解决方案

When the CakePHP 'Security.level' is set to 'high' or 'medium', CakePHP sets the PHP session.referer_check to your site hostname.

However, when the user clicks a link inside an email client, the referer check test fails and the session is marked as invalid.

What you have to do is the following:

1) Set CakePHP 'Security.level' as 'low'

OR

2) Provide a custom session configuration for CakePHP, as shown here, setting 'session.referer_check' to an empty string, this way:

ini_set('session.referer_check', '');

这篇关于SESSIONS非常错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！