PHP Session variable cannot be passed to the next page
- 2020-03-31 17:09:08
- OfStack
In my opinion, the reasons for this problem are as follows:
1. The client has disabled the cookie
2. The browser has a problem and cannot access the cookie temporarily
Session. use_trans_sid = 0 in php.ini or the option --enable-trans-sid is not turned on at compile time
Why is that? Let me explain:
Session is stored on the server side (by default, the Session is stored as a file). According to the Session id provided by the client side, the user's file is obtained and the value of the variable is obtained. To the server, which then reads the Session directory... . That is, the session id is the id card that gets the session variable stored on the service. When the code session_start (); When running, a session file is generated on the server, and a unique corresponding session id is generated. The session variable is defined to be stored in the generated session file in a certain form. With the session id, you can fetch the defined variable. After crossing pages, you must execute session_start() again in order to use session; A session file will be generated, and the corresponding session id will be generated. With this session id, the variables in the first session file mentioned above cannot be extracted, because this session id is not the "key" to open it. If session_start (); Session_id ($session id); Instead of generating a new session file, the session file corresponding to this id is read directly.
Session in PHP USES the client's Cookie by default to store the session id, so session will be affected when the client's Cookie fails. It is important to note that sessions do not have to rely on cookies, which is another advantage of sessions over cookies. When the client's Cookie is disabled or has a problem, PHP automatically attaches the session id to the URL so that the session variable can be used across pages. However, this attachment is conditional on "session.use_trans_sid = 1 in php.ini or the --enable-trans-sid option being turned on at compile time."
The friends who have used the forum know that, when entering the forum, you will often be prompted to check whether the Cookie is open, this is because most of the forum is based on the Cookie, the forum USES it to save user name, password and other user information, convenient to use. And many friends think cookies are not safe (they are not) and often disable them. In fact, in PHP programs, we can completely use SESSION to replace the Cookie, it can not depend on whether the client opened the Cookie.
Therefore, we can discard the cookie and use session, that is, we assume that the user closes the cookie and use session. The implementation ways are as follows:
1. Set session.use_trans_sid = 1 in php.ini or turn on the --enable-trans-sid option at compile time to allow PHP to automatically pass session ids across pages.
2. Manually pass the value through the URL and pass the session id through the hidden form.
3. Save session_id in the form of file, database and so on, and call it manually in the cross-page process.
Path 1:
S1. PHP
S2. PHP
Run the above code, in the case of normal client cookie, should be able to get the result "People's Republic of China".
Now if you manually close the client's cookie and run it again, you may not get the result. If the result is not available, then "set session.use_trans_sid = 1 in php.ini or turn on the -- enable-trans-sid option at compile time", and the result is "People's Republic of China".
Path 2:
S1. PHP
S2. PHP
The method of hiding the form has the same basic principle as above.
Path 3:
The login. The HTML
Mylogin1. PHP
Mylogin2. PHP
Also please turn off the cookie test, the user name: youngong password: 123 this is through the file to save the session id, the file is: e: mpphpsid.txt, please according to their own system to determine the file name or path.
As for the database approach, I won't give you an example, similar to the file approach.
To summarize, the above methods have one thing in common, which is to get the session id on the previous page, and then find a way to pass it to the next page, session_start() on the next page; Session_id (passed session id) before the code;
1. The client has disabled the cookie
2. The browser has a problem and cannot access the cookie temporarily
Session. use_trans_sid = 0 in php.ini or the option --enable-trans-sid is not turned on at compile time
Why is that? Let me explain:
Session is stored on the server side (by default, the Session is stored as a file). According to the Session id provided by the client side, the user's file is obtained and the value of the variable is obtained. To the server, which then reads the Session directory... . That is, the session id is the id card that gets the session variable stored on the service. When the code session_start (); When running, a session file is generated on the server, and a unique corresponding session id is generated. The session variable is defined to be stored in the generated session file in a certain form. With the session id, you can fetch the defined variable. After crossing pages, you must execute session_start() again in order to use session; A session file will be generated, and the corresponding session id will be generated. With this session id, the variables in the first session file mentioned above cannot be extracted, because this session id is not the "key" to open it. If session_start (); Session_id ($session id); Instead of generating a new session file, the session file corresponding to this id is read directly.
Session in PHP USES the client's Cookie by default to store the session id, so session will be affected when the client's Cookie fails. It is important to note that sessions do not have to rely on cookies, which is another advantage of sessions over cookies. When the client's Cookie is disabled or has a problem, PHP automatically attaches the session id to the URL so that the session variable can be used across pages. However, this attachment is conditional on "session.use_trans_sid = 1 in php.ini or the --enable-trans-sid option being turned on at compile time."
The friends who have used the forum know that, when entering the forum, you will often be prompted to check whether the Cookie is open, this is because most of the forum is based on the Cookie, the forum USES it to save user name, password and other user information, convenient to use. And many friends think cookies are not safe (they are not) and often disable them. In fact, in PHP programs, we can completely use SESSION to replace the Cookie, it can not depend on whether the client opened the Cookie.
Therefore, we can discard the cookie and use session, that is, we assume that the user closes the cookie and use session. The implementation ways are as follows:
1. Set session.use_trans_sid = 1 in php.ini or turn on the --enable-trans-sid option at compile time to allow PHP to automatically pass session ids across pages.
2. Manually pass the value through the URL and pass the session id through the hidden form.
3. Save session_id in the form of file, database and so on, and call it manually in the cross-page process.
Path 1:
S1. PHP
<?php
session_start();
$_SESSION['var1']=" People's Republic of China ";
$url="<a href=".""s2.php"> The next page </a>";
echo $url;
?>
S2. PHP
<?php
session_start();
echo " The passed session variable var1 The value is: ".$_SESSION['var1'];
?>
Run the above code, in the case of normal client cookie, should be able to get the result "People's Republic of China".
Now if you manually close the client's cookie and run it again, you may not get the result. If the result is not available, then "set session.use_trans_sid = 1 in php.ini or turn on the -- enable-trans-sid option at compile time", and the result is "People's Republic of China".
Path 2:
S1. PHP
<?php
session_start();
$_SESSION['var1']=" People's Republic of China ";
$sn = session_id();
$url="<a href=".""s2.php?s=".$sn.""> The next page </a>";
echo $url;
?>
S2. PHP
<?php
session_id($_GET['s']);
session_start();
echo " The passed session variable var1 The value is: ".$_SESSION['var1'];
?>
The method of hiding the form has the same basic principle as above.
Path 3:
The login. The HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login</title>
<meta. http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body>
Please log in:
<form. name="login" method="post" action="mylogin1.php">
The user name :<input type="text" name="name"><br>
password :<input type="password" name="pass"><br>
<input type="submit" value=" The login ">
</form>
</body>
</html>
Mylogin1. PHP
<?php
$name=$_POST['name'];
$pass=$_POST['pass'];
if(!$name || !$pass) {
echo " Username or password is empty, please <a href="login.html"> Log back in </a>";
die();
}
if (!($name=="youngong" && $pass=="123") {
echo " Incorrect username or password, please <a href="login.html"> Log back in </a>";
die();
}
//Registered users
ob_start();
session_start();
$_SESSION['user']= $name;
$psid=session_id();
$fp=fopen("e:tmpphpsid.txt","w+";
fwrite($fp,$psid);
fclose($fp);
//Authentication successful, the relevant operation
echo " Is logged in <br>";
echo "<a href="mylogin2.php"> The next page </a>";
?>
Mylogin2. PHP
<?php
$fp=fopen("e:tmpphpsid.txt","r";
$sid=fread($fp,1024);
fclose($fp);
session_id($sid);
session_start();
if(isset($_SESSION['user']) && $_SESSION['user']="laogong" {
echo " Is logged in !";
}
else {
//Login successfully to perform the relevant operation
echo " Not logged in, no access ";
echo " please <a href="login.html"> The login </a> After browsing ";
die();
}
?>
Also please turn off the cookie test, the user name: youngong password: 123 this is through the file to save the session id, the file is: e: mpphpsid.txt, please according to their own system to determine the file name or path.
As for the database approach, I won't give you an example, similar to the file approach.
To summarize, the above methods have one thing in common, which is to get the session id on the previous page, and then find a way to pass it to the next page, session_start() on the next page; Session_id (passed session id) before the code;