即使設置了 PHPSESSID 並且 session_start() 已被調用 PHP，會話也不處於活動狀態

Question

我正在嘗試創建一個頁面來注銷我網站上的用戶，但是當我嘗試重新初始化會話時，我的頁面一直說Warning: session_regenerate_id(): Cannot regenerate session id - session is not active 。 啟動會話的代碼：

try {
  if (!isset($_SESSION) or session_id() == "") {
    session_start();
    if (!isset($_COOKIE['auth']) or $_COOKIE['auth'] != 'NO') {
      $_COOKIE['auth'] = 'NO';
    }
  }
} catch (Error $e) {
  echo "Caught Error: $e";
}

登出頁面代碼：

try {
    unset($_SESSION);
    session_regenerate_id(true);
} catch (Error $e) {
    echo "Caught Error: $e";
}

有沒有session_destroy() S或類似的東西在其他地方在我的網站（如提到這里），我可以看到PHPSESSID cookie設置和清除餅干被頁面刷新后重新設置后。

Answer 1

只知道會話應該在代碼的開頭開始

所以做這樣的事情：

<?php

    session_start();
    session_regenerate_id(true);

    if($_SESSION['name_of_the_session'] == false){
        header("Location: please_make_login.php"); //If doesn't exists the session, redirect user to the login page
        exit();
    }
   
    try {
        if (!isset($_COOKIE['auth']) or $_COOKIE['auth'] != 'NO') {
          $_COOKIE['auth'] = 'NO';
        }
      }
    } catch (Exception $e) {
      echo "Caught Error: " . $e->getMessage();
    }

登出

<?php

    session_start(); //It'll see if exists a session
    session_destroy(); //Then will destroy the session
    header("Location: index.php"); //And redirect to a page named index.php & finish the process
    exit();

如果你想使用會話，那么首先在每個 PHP 腳本中初始化它們，在初始化會話后，重新生成 id，一個簡單的例子：

<?php
 
 session_start();
 session_regenerate_id(true); //I recommend to use true

 $some_variable = $_SESSION['name_of_the_session'];

 //Don't forget to check if the session exists, if the user really started a session!
 
 if($some_variable == false){
   header("Location: please_make_login.php"); //Redirect the user to a page because the user doesn't started a session
   exit();
 }

 echo $some_variable; //Echo the value of the session, it'll only echo if really exists