强制 PHP Session 使用元刷新销毁
[英]Force PHP Session Destroy Using Meta Refresh
问题描述
I have searched extensively, and although I have found many questions regarding managing PHP sessions expiration times, I have found none dealing with my proposed method.
我进行了广泛的搜索,虽然我发现了很多关于管理 PHP 会话到期时间的问题,但我没有发现任何与我提出的方法有关的问题。 I have working code, but wanted to pass it by this community to see if there are any unforeseen issues or potential exploitations.我有工作代码,但想通过这个社区传递它,看看是否有任何不可预见的问题或潜在的利用。 Thanks in advance for your feedback.提前感谢您的反馈。
Essentially, once the shopping cart session is set, the page would begin to refresh every 10 minutes of inactivity.本质上,一旦设置了购物车 session,页面将开始每 10 分钟不活动刷新一次。 Once the total elapsed time (since session was set) exceeds 30 minutes, the user would be redirected to a page that destroys all sessions.一旦总经过时间(因为设置了 session)超过 30 分钟,用户将被重定向到破坏所有会话的页面。
if (isset($_SESSION["shopping_cart"])) {
echo '<meta http-equiv="refresh" content="600" />';
if (!isset($_SESSION['timer'])) {
$_SESSION['timer'] = time();
}
$now = time();
$elapsed = $now - $_SESSION['timer'];
if ($elapsed > 1800) {
header('Location: session_reset.php');
exit();
}
}
1 个解决方案
解决方案1
0 2021-05-10 20:59:04
I don't see a problem with your code it checks every 10 minutes to see if the session time has exceeded 30 minutes and if it has redirects to kill the session.我没有看到您的代码有问题,它每 10 分钟检查一次 session 时间是否已超过 30 分钟,以及是否有重定向以杀死 session。
Not sure why you would want to do this though?不知道你为什么要这样做? perhaps store the users basket in a cookie or local storage then kill the session and leave a notice - hey user sorry your session timed out but never fear we have saved your basket here....也许将用户篮子存储在 cookie 或本地存储中,然后杀死 session 并留下通知 - 嘿,用户对不起您的 session 超时,但不要担心我们已经将您的篮子保存在这里......
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.