[英]PHP secure session throwing out users in rapid page request
using the fairly standard PHP security model from here 从这里使用相当标准的PHP安全模型
Every page has a session regeneration function like below and a login_check function (see the url above). 每个页面都具有如下所示的会话重新生成功能和login_check函数(请参见上面的url)。
function sec_session_start() {
$session_name = 'sec_session_id'; // Set a custom session name
$secure = false; // Set to true if using https.
$httponly = true; // This stops javascript being able to access the session id.
ini_set('session.use_only_cookies', 1); // Forces sessions to only use cookies.
$cookieParams = session_get_cookie_params(); // Gets current cookies params.
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httponly);
session_name($session_name); // Sets the session name to the one set above.
session_start(); // Start the php session
session_regenerate_id(); // regenerated the session, delete the old one.
}
My users are having an issue if they are on a slow line and requesting pages too quickly - they are thrown out and taken back to the login page. 如果我的用户上网速度太慢并且请求页面的速度过快,则会遇到问题-他们被扔掉并带回到登录页面。 I think it might be something with the session regeneration.
我认为这可能与会话重新生成有关。 Any ideas?
有任何想法吗?
i use the same and never had problem.... 我用相同的,从来没有问题....
just check if you forgot to start the 只要检查您是否忘记启动
sec_session_start
somewhere .... 某处....
or you can have inverse problem...you called that function more times somewhere 否则您可能会遇到反问题...您在某处多次调用了该函数
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.