开发者

At what point is session data available?

问答 作者:

I have the following so far opening a session (php),

session_start() ;

foreach($_SESSION as $key => $value){
    $alert .= '<br/>' . '['.$key.']='.$value ;
}

$alert .= '<br/>$_SERVER[MY_SERVER...]='.$_SERVER['MY_SERVER_GENERATED'] ;

if($_SESSION['MY_SERVER_GENERATED'] !== true ||
    $_SERVER['REMOTE_ADDR'] !== $_SESSION['PREV_REMOTEADDR'] ||
    $_SERVER['HTTP_USER_AGENT'] !== $_SESSION['PREV_USERAGENT']){
        $alert .= 'session destroyed' ;
        session_destroy() ;
}

if(isset($_SESSION['CREATED']) && (strtotime('now') - $_SESSION['CREATED']) > 300){//Delete expired sessions - seconds
    $alert .= '<div class="error_box">Your session has expired!</div>' ;
    $_SESSION = array() ;
}

session_regenerate_id();
$_SESSION['CREATED'] = strtotime('now') ;
$_SESSION['MY_SERVER_GENERATED'] = true ;
$_SESSION['PREV_USERAGENT'] = $_SERVER['HTTP_USER_AGENT'] ;
$_SESSION['PREV_REMOTEADDR'] = $_SERVER['REMOTE_ADDR'] ;

echo $alert ;

The problem is the session is being dest开发者_如何转开发royed everytime. $_SESSION is simply empty. At what point is it available to run checks like above?

Oops forgot to specifiy that I have verified the session is holding data but not until the page has been started. So the session is being destroyed because the $_SESSION data is all null and so the conditions are evaluating to false. As an example $alert does not register as having anything stored in it.

Your code seems to have a catch 22:

session_start() ;


if(!$_SESSION['MY_SERVER_GENERATED']){ <------- this will always be true 
                                                for a fresh session, so
    session_destroy() ;  <--------------------- this will always be executed

your session data never has a chance to populate.

继续阅读:phpsession

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9