在 Kohana 外部访问 Kohana 中设置的会话变量
Accessing a session variable set in Kohana outside of Kohana
我正在尝试使用 KCFinder with CKEditor and Kohana。我需要每个用户都可以访问他们自己的个人上传文件夹。为此,我想将当前用户 ID 传递给 KCFinder。为了安全地做到这一点,我不能通过 URL 作为 GET 变量传递它,所以我需要通过会话来完成它。
我尝试在 Kohana 中设置变量,当我在 Kohana 中 var_dump($_SESSION) 时,变量就在那里。当我在 KCFinder 中这样做时,它不存在。我检查了 session_id 并注意到它在页面之间发生变化,因此我使用 URL 作为 GET 变量将 session_id 传递给 KCFinder,然后将 session_id 设置为KCFinder 所以它匹配。然而,当我 var_dump($_SESSION).
时,变量 仍然 不可用
这是我的 Kohana 动作:
public function action_edit()
{
$this->template->javascripts[] = '/ckeditor/ckeditor.js';
$_SESSION['KCFINDER']['user_id'] = Auth::instance()->get('id');
var_dump(session_id(), $_SESSION['KCFINDER']);
$id = (int)$this->request->param('id');
$this->layout = Request::factory('document/update/'.$id)->execute()->body();
$this->template->js_custom .= "var phpsessionid = '".session_id()."';";
}
// document/update action
public function action_update()
{
$id = (int)$this->request->param('id');
if ( ! $id)
{
throw new HTTP_Exception_400('No document ID was specified. Please go back and try again.');
}
$document = ORM::factory('Document', $id);
if ( ! $document->loaded())
{
throw new HTTP_Exception_400('No valid document ID was specified.');
}
$layout = View::factory('layouts/documents/edit')
->bind('back_link', $back_link)
->bind('values', $values)
->bind('errors', $errors)
->bind('success', $success)
->bind('is_acp', $is_acp);
$is_acp = (strpos(Request::initial()->uri(), 'acp') !== FALSE);
if ( ! $is_acp AND Auth::instance()->get('id') != $document->user_id)
{
throw new HTTP_Exception_403('Unauthorised access. You do not have permission to edit this document.');
}
elseif ($document->is_published AND ! Auth::instance()->get('is_admin'))
{
throw new HTTP_Exception_403('Unauthorised access. You cannot edit a published document.');
}
$back_link = $is_acp ? '/acp/documents' : '/account';
$values = array();
$errors = array();
foreach ($document->table_columns() as $key => $null)
{
$values[$key] = $document->$key;
}
if (Request::initial()->method() == Request::POST)
{
// We assume that is_published and is_paid are unchecked. Later on we check to see if they are checked and change the values.
if ($document->is_published == 1 AND $is_acp)
{
$values['is_published'] = -1;
}
if ($document->is_paid == 1 AND $is_acp)
{
$values['is_paid'] = 0;
}
foreach (Request::initial()->post() as $key => $val)
{
if ($key == 'is_published')
{
// Check for a first time publish, and if it is run the publish method to save the PDF.
if ($document->is_published == 0)
{
Request::factory('document/publish/'.$document->id)->query(array('no_redirect' => TRUE))->execute();
}
$values[$key] = 1;
}
elseif ($key == 'is_paid')
{
$values[$key] = 1;
}
else
{
$values[$key] = $val;
}
}
$document->values(Request::initial()->post(), array('title', 'summary', 'category_id', 'content'));
if ($is_acp)
{
$document->is_published = $values['is_published'];
if ($document->is_published == 1)
{
$document->date_published = time();
}
$document->is_paid = $values['is_paid'];
}
try
{
$document->save();
$success = TRUE;
}
catch (ORM_Validation_Exception $e)
{
$errors = $e->errors('models');
}
catch (Exception $e)
{
throw new HTTP_Exception_500($e->getMessage);
}
}
$this->response->body($layout->render());
}
这是我的 KCFinder 配置的顶部:
$session_id = @$_GET['phpsession'];
session_start();
session_id($session_id);
define('ROOT', str_replace('eshop/kcfinder', '', __DIR__), TRUE);
var_dump(session_id(), $_SESSION); exit;
当我打开 KCFinder 时,会话是空的(或者只有 KCFinder 默认会话)并且与 Kohana 会话无关。谁能帮我解决这个问题?
你的问题是函数调用的顺序。在设置作为参数传递的会话 ID 之前,您正在启动会话(如果没有传递 ID,它将生成一个具有新 ID 的新会话)——它需要反过来。
http://php.net/manual/en/function.session-id.php:
If id is specified, it will replace the current session id. session_id() needs to be called before session_start() for that purpose.
我正在尝试使用 KCFinder with CKEditor and Kohana。我需要每个用户都可以访问他们自己的个人上传文件夹。为此,我想将当前用户 ID 传递给 KCFinder。为了安全地做到这一点,我不能通过 URL 作为 GET 变量传递它,所以我需要通过会话来完成它。
我尝试在 Kohana 中设置变量,当我在 Kohana 中 var_dump($_SESSION) 时,变量就在那里。当我在 KCFinder 中这样做时,它不存在。我检查了 session_id 并注意到它在页面之间发生变化,因此我使用 URL 作为 GET 变量将 session_id 传递给 KCFinder,然后将 session_id 设置为KCFinder 所以它匹配。然而,当我 var_dump($_SESSION).
这是我的 Kohana 动作:
public function action_edit()
{
$this->template->javascripts[] = '/ckeditor/ckeditor.js';
$_SESSION['KCFINDER']['user_id'] = Auth::instance()->get('id');
var_dump(session_id(), $_SESSION['KCFINDER']);
$id = (int)$this->request->param('id');
$this->layout = Request::factory('document/update/'.$id)->execute()->body();
$this->template->js_custom .= "var phpsessionid = '".session_id()."';";
}
// document/update action
public function action_update()
{
$id = (int)$this->request->param('id');
if ( ! $id)
{
throw new HTTP_Exception_400('No document ID was specified. Please go back and try again.');
}
$document = ORM::factory('Document', $id);
if ( ! $document->loaded())
{
throw new HTTP_Exception_400('No valid document ID was specified.');
}
$layout = View::factory('layouts/documents/edit')
->bind('back_link', $back_link)
->bind('values', $values)
->bind('errors', $errors)
->bind('success', $success)
->bind('is_acp', $is_acp);
$is_acp = (strpos(Request::initial()->uri(), 'acp') !== FALSE);
if ( ! $is_acp AND Auth::instance()->get('id') != $document->user_id)
{
throw new HTTP_Exception_403('Unauthorised access. You do not have permission to edit this document.');
}
elseif ($document->is_published AND ! Auth::instance()->get('is_admin'))
{
throw new HTTP_Exception_403('Unauthorised access. You cannot edit a published document.');
}
$back_link = $is_acp ? '/acp/documents' : '/account';
$values = array();
$errors = array();
foreach ($document->table_columns() as $key => $null)
{
$values[$key] = $document->$key;
}
if (Request::initial()->method() == Request::POST)
{
// We assume that is_published and is_paid are unchecked. Later on we check to see if they are checked and change the values.
if ($document->is_published == 1 AND $is_acp)
{
$values['is_published'] = -1;
}
if ($document->is_paid == 1 AND $is_acp)
{
$values['is_paid'] = 0;
}
foreach (Request::initial()->post() as $key => $val)
{
if ($key == 'is_published')
{
// Check for a first time publish, and if it is run the publish method to save the PDF.
if ($document->is_published == 0)
{
Request::factory('document/publish/'.$document->id)->query(array('no_redirect' => TRUE))->execute();
}
$values[$key] = 1;
}
elseif ($key == 'is_paid')
{
$values[$key] = 1;
}
else
{
$values[$key] = $val;
}
}
$document->values(Request::initial()->post(), array('title', 'summary', 'category_id', 'content'));
if ($is_acp)
{
$document->is_published = $values['is_published'];
if ($document->is_published == 1)
{
$document->date_published = time();
}
$document->is_paid = $values['is_paid'];
}
try
{
$document->save();
$success = TRUE;
}
catch (ORM_Validation_Exception $e)
{
$errors = $e->errors('models');
}
catch (Exception $e)
{
throw new HTTP_Exception_500($e->getMessage);
}
}
$this->response->body($layout->render());
}
这是我的 KCFinder 配置的顶部:
$session_id = @$_GET['phpsession'];
session_start();
session_id($session_id);
define('ROOT', str_replace('eshop/kcfinder', '', __DIR__), TRUE);
var_dump(session_id(), $_SESSION); exit;
当我打开 KCFinder 时,会话是空的(或者只有 KCFinder 默认会话)并且与 Kohana 会话无关。谁能帮我解决这个问题?
你的问题是函数调用的顺序。在设置作为参数传递的会话 ID 之前,您正在启动会话(如果没有传递 ID,它将生成一个具有新 ID 的新会话)——它需要反过来。
http://php.net/manual/en/function.session-id.php:
If
idis specified, it will replace the current session id.session_id()needs to be called beforesession_start()for that purpose.