在我的实时应用程序上出现行为,这很像会话冲突。 不知道为什么
[英]Getting behavior on my live app that seems a lot like session collisions. Can't figure out why
问题描述
Basically, users are intermittently seeing and overwriting each other's data (obviously, this is REALLY bad). 
基本上,用户会间歇性地查看和覆盖彼此的数据(显然,这确实很糟糕)。 I've tried to recreate the behavior on my testing site to no avail. 我试图在测试站点上重新创建该行为,但无济于事。 On the testing site, accounts stubbornly display only their own data. 在测试站点上,帐户仅显示自己的数据。
This is a low traffic application. 这是一个低流量的应用程序。 It currently has under 200 user accounts. 目前,它有不到200个用户帐户。
I'm happy to post my code, but I'm not even sure which code to post. 我很高兴发布我的代码,但是我什至不确定要发布哪个代码。
Things I've thought of which could cause this behavior: 我想到的事情可能导致此行为:
Multiple users accidentally being assigned redundant uids in the database. 多个用户意外地在数据库中分配了冗余uid。
Nope. 不。 Database key constraints forbid this, as they should. 数据库密钥约束禁止这样做,因为它们应该这样做。
Session id collisions. 会话ID冲突。
I doubt it. 我对此表示怀疑。 The session ids are being set by PHP, I did't mess with that, so they're big long MD5 hashes like they're supposed to be. 会话ID是由PHP设置的,我对此并没有感到困惑,因此它们像预期的那样是很大的MD5哈希值。
Session collisions in the database. 数据库中的会话冲突。
Our Sessions table in the database has five columns: sessionkey, uid, serieskey, expiration and ipaddress. 数据库中的Sessions表有五列:sessionkey,uid,serieskey,expiration和ipaddress。 Sessions are being created and destroyed as they should be as users log in and out. 会话将按照用户登录和注销时的原样创建和销毁。 I've been watching it real time and it works fine. 我一直在实时观看,效果很好。
And yet, on our test site, I can't reproduce the behavior. 但是,在我们的测试站点上,我无法重现该行为。 Even with several accounts logged in at once from different ip addresses. 即使有多个帐户同时从不同的IP地址登录。 But the users are definitely reporting it on the live site and I can see the results of users overwriting each other's data in my database. 但是用户肯定是在实时站点上报告它,并且我可以看到用户覆盖数据库中彼此数据的结果。 I'm at a loss as to why this might be happening. 我茫然为什么会发生这种情况。 Knowing you can't see my entire gigantic code base (it took me and two others a year to write this) where would you start looking next? 知道您看不到我的整个巨大代码库(我和另外两个人一年写这篇代码),您将从哪里开始寻找下一个?
1 个解决方案
解决方案1
0 2015-01-27 21:05:34
The problem was in the way we were doing cookie generation. 问题在于我们进行Cookie生成的方式。 It was a part of the code I'd never worked on. 这是我从未使用过的代码的一部分。 When I managed to corner the guy who wrote that part, he knew exactly why it was happening and fixed it in under a minute. 当我设法使编写该部分的人陷入困境时,他确切地知道了为什么会发生,并在一分钟之内将其修复。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.