当Cookie被禁用时,PHP会话如何工作? [英] How do PHP sessions work when cookies are disabled?
本文介绍了当Cookie被禁用时,PHP会话如何工作?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我试图研究这个机制,但只是找到提示,这些不是很一致。如何将会话_id发送到浏览器,以及在用户请求新页面时如何返回浏览器?
I've tried to research this mechanism but only find hints and these are not very consistent. How is the session _id sent to the browser and how is the browser instructed to return it when the user requests a new page?
感谢Chris
推荐答案
PHP会做两件事:
- 所有链接都传递一个额外的GET参数,通常是PHPSESSID,但这可以通过在php.ini中设置session.name来更改
- 它会添加一个隐藏的输入, c $ c>< form> 开启标签。
- It will rewrite all links to pass an extra GET parameter, usually PHPSESSID but this can be changed by setting session.name in php.ini
- It will add a hidden input with the same name after all
<form>
opening tags.
请注意,这是一件危险的事情,因为任何人你复制/粘贴包含PHPSESSID参数的网址将能够在网站上共享您的登录会话 - 网络服务器没有简单的方法告诉您与您发送链接的人不同...
Note that this is a dangerous thing to do, because anyone who you e.g. copy/paste a URL to containing an PHPSESSID parameter will be able to share your login session on the site - the webserver has no easy way of telling that you are different from the person you sent the link to...
这篇关于当Cookie被禁用时,PHP会话如何工作?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文