堆栈内存溢出
  简体   繁体   English

PHP:删除给定id的另一个会话

[英]PHP: Delete another session given the id

 原文  2012-11-19 02:31:02       php/ security/ session/ login/ sessionid

问题描述

I have the following problem: 我有以下问题:

  1. User X login in PC1, with session_id 1000. Leaves but forgot logout. 用户X在PC1中登录,session_id为1000.请忘记注销。
  2. User X login in PC2, with session_id 1001. 用户X在PC2中登录,session_id为1001。
  3. Before session 1000 timeout, user Y get access in PC1 as user X, with session_id 1000. 在会话1000超时之前,用户Y在PC1中以用户X的身份访问,其中session_id为1000。

In this way, two users get access as the same user, in different PCs, and different session ids. 通过这种方式,两个用户可以作为同一个用户,不同的PC和不同的会话ID进行访问。 What I wanna do is store the new session_id each time a user login (done), and delete the previously stored session_id. 我想做的是每次用户登录(完成)时存储新的session_id,并删除先前存储的session_id。 But I don't know how to delete or modify a session file given the id, without changing the current session. 我不知道如何删除或修改给定id的会话文件,而不更改当前会话。

I mean, I wanna do the following: 我的意思是,我想做以下事情:

  1. User X login in PC1, with session_id 1000. Script stores 1000 as last_session_id. 用户X在PC1中登录,session_id为1000.脚本将1000存储为last_session_id。 Leaves but forgot logout. 离开但忘了注销。
  2. Same user login in PC2, with session_id 10001. Script get last_session_id (1000) and delete that session info; 在PC2中使用session_id 10001进行相同的用户登录。脚本获取last_session_id(1000)并删除该会话信息; then stores 1001 as the new last_session_id. 然后将1001存储为新的last_session_id。
  3. User Y goes to PC1, with session_id 1000, but can't get access as X because the info was deleted. 用户Y转到PC1,session_id为1000,但由于信息被删除,无法访问X.

Can *session_id(old_session)* work properly? 可以* session_id(old_session)*正常工作吗? Or that function just rename the current session id, but mantain the values? 或者该函数只是重命名当前的会话ID,但保留值?

Thanks in advance. 提前致谢。

2 个解决方案

解决方案1
 4 已采纳  2014-11-17 21:14:42

I found this 我找到了这个 

$session_id_to_destroy = $sessionid;
// 1. commit session if it's started.
if (session_id()) {
    session_commit();
}

// 2. store current session id
session_start();
$current_session_id = session_id();
session_commit();

// 3. hijack then destroy session specified.
session_id($session_id_to_destroy);
session_start();
session_destroy();
session_commit();

// 4. restore current session id. If don't restore it, your current session will refer to the session you just destroyed!
session_id($current_session_id);
session_start();
session_commit();

It worked perfectly for me. 它对我来说很完美。

解决方案2
 0  2012-11-19 02:46:40

From my experience, I use one table to store data related to the session. 根据我的经验,我使用一个表来存储与会话相关的数据。 The table contains two or more fields of userID, lastSessionID. 该表包含两个或多个userID,lastSessionID字段。 On your system just need to get the sessionId and userID then compare it to the last sessionID stored in the db refers to the same userID. 在您的系统上只需要获取sessionId和userID然后将其与存储在db中的最后一个sessionID进行比较,即指向相同的userID。 If U get the same sessionID than continue but if different redirect page to logout. 如果U获得的会话ID与继续相同,但是如果不同的重定向页面要注销。 But, to use this method, you should keep a userID and sessionId into the db every time user login. 但是,要使用此方法,每次用户登录时都应将userID和sessionId保留在db中。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 通过在PHP中指定特定的ID来删除多个表 - Delete multiple table by given a specific id in php 将用户ID从WP会话传递到另一个PHP会话 - Passing user id from the WP session to another PHP session 在 PHP 中删除临时会话 - Delete Temporary session in PHP 在php中删除会话变量 - delete session variable in php 如何删除PHP会话? - How to delete a PHP session? 在PHP中删除索引会话 - Delete index session in PHP 会话ID PHP更改了吗? - Session ID PHP changes? PHP会话创建者ID - PHP session creator ID PHP中的不同会话ID - Different Session ID in PHP PHP-结束会话ID - PHP - end session ID
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM