PHP安全会话将快速页面请求中的用户拒之门外

Question

using the fairly standard PHP security model from here

Every page has a session regeneration function like below and a login_check function (see the url above).

function sec_session_start() {
$session_name = 'sec_session_id'; // Set a custom session name
$secure = false; // Set to true if using https.
$httponly = true; // This stops javascript being able to access the session id. 
ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies. 
$cookieParams = session_get_cookie_params(); // Gets current cookies params.
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly); 
session_name($session_name); // Sets the session name to the one set above.
session_start(); // Start the php session
session_regenerate_id(); // regenerated the session, delete the old one.     
}

My users are having an issue if they are on a slow line and requesting pages too quickly - they are thrown out and taken back to the login page. I think it might be something with the session regeneration. Any ideas?

Answer 1

i use the same and never had problem....

just check if you forgot to start the

sec_session_start

somewhere ....

or you can have inverse problem...you called that function more times somewhere