同一域中的两个不同的PHP会话,如何仅销毁其中一个?
[英]Two different PHP sessions in same domain, how to destroy only one of them?
问题描述
In the same domain I have two applications running 
在同一个域中,我有两个正在运行的应用程序
-
localhost/app1 -
localhost/app2
Here is my session management: 这是我的会话管理:
Page for check the login: 用于检查登录的页面:
session_start();
//...check if the login is correct
//if is correct
$_SESSION["SESSION_VALID"] = true;
//redirect to the correct page
//if is not correct
$_SESSION["SESSION_VALID"] = false;
//redirect to the login
A page of my application: 我的申请页面:
//check the session
session_start();
if(!$_SESSION['SESSION_VALID']){
//redirect to login page
header("Location: ../../login/");
exit;
}
Logout page: 登出页面:
session_start();
session_unset();
session_destroy();
//redirect to the login
header("Location: ../login/");
Now, back to the initial problem. 现在,回到最初的问题。 I have already read several questions on Stack Overflow related to this problem. 我已经阅读了有关此问题的有关堆栈溢出的几个问题。 The solution would be to use the session_name("app1") before every session_start() . 解决方案是在每个session_start()之前使用session_name("app1") session_start() 。
Ok, but now the problem is another: when I logout from one of the application, how can I set which session should be destroyed? 好的,但是现在的问题是另一个:当我从一个应用程序中注销时,如何设置应该销毁哪个会话? Just call session_name("app1") before the destruction of the session? 只需在会话销毁之前调用session_name("app1") ? Is the correct solution? 是正确的解决方案? Something like that? 这样的东西?
session_name("name_of_the_session_to_destroy");
session_start();
session_unset();
session_destroy();
header("Location: ../login/");
2 个解决方案
解决方案1
1 2015-01-20 08:55:17
In the logout button url, you can give a GET parameter like ?app=1 or ?app=2, so you know which app to close. 在注销按钮的网址中,您可以指定GET参数,例如?app = 1或?app = 2,这样您就可以知道要关闭哪个应用。 If you know the session name of the app you can close it with the following: 如果您知道应用程序的会话名称,则可以使用以下命令将其关闭:
You can use unset($_SESSION['SESSION_NAME']); 您可以使用unset($_SESSION['SESSION_NAME']); you unset a specific session. 您取消设置特定的会话。
解决方案2
1 已采纳 2015-01-20 09:09:20
It seems you have two applications on the same domain but want to operate two sessions entirely independently of each other. 似乎您在同一个域上有两个应用程序,但希望完全彼此独立地运行两个会话。 You are finding that logging off one app logs the user off the other app, but you don't want this to happen. 您发现注销一个应用程序会使用户注销另一应用程序,但是您不希望这种情况发生。
The solution is to set the session cookie only to be valid for the directory part of the domain for each app. 解决方案是将会话cookie设置为仅对每个应用程序的域的目录部分有效。 By default, sessions extend across the whole domain, which is why destroying the session in one app affects the other one too. 默认情况下,会话扩展到整个域,这就是为什么在一个应用程序中破坏会话也会影响另一应用程序的原因。
For example, to log onto app 1, do this at the start of your session: 例如,要登录应用程序1,请在会话开始时执行以下操作:
session_set_cookie_params (60 * 30, '/app1');
Of course, you will need to detect which app you are in, and serve the right path component accordingly. 当然,您将需要检测您所在的应用程序,并相应地提供正确的路径组件。 You can get this from a $_SERVER variable. 您可以从$_SERVER变量中获取。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.