我收到无法重新生成会话 ID 的警告 - 有时会话无缘无故不活动
I get warning of Cannot regenerate session id - session is not active for no reason sometimes
我看过很多关于这个问题的帖子,但其中 none 解决了我的问题!有人说这是因为用户在 session_start(); 之前使用了 session_regenerate_id(true); !但是我的代码不是这种情况。我还看到有人说我应该在 session_start(); 之前删除多余的空格,我也这样做了,但我仍然在加载网站时收到警告。在我刷新 Boom 后,会话被销毁并且用户注销。
注意*:我收到第 12 行(第三个 if 语句)的警告。
我在每一页开头的代码:
<?php
session_start();
require "DB/users-database.php";
if(isset($_SESSION['starttime']) && (time() - $_SESSION['starttime'] > 1200)){
session_destroy();
} else {
$_SESSION['starttime'] = time();
session_regenerate_id(true);
}
if(isset($_SESSION['starttime'])){
if(time() - $_SESSION['starttime'] > 180) {
session_regenerate_id(true);
}
}
.
.
.
您尝试从已销毁的会话中重新生成 ID。让我们看看会发生什么,如果我们说 $_SESSION 中的 'starttime' 索引已定义且 time() - $_SESSION['starttime'] > 1200 为真:
<?php
//There, you start your session. It's ok.
session_start();
require "DB/users-database.php";
if(isset($_SESSION['starttime']) && (time() - $_SESSION['starttime'] > 1200)){
//There, you destroy it because `starttime` is set, and time() - starttime > 1200
session_destroy();
} else {
$_SESSION['starttime'] = time();
session_regenerate_id(true);
}
//It's true, since $_SESSION['starttime'] was set before, no reason to not been set there
if(isset($_SESSION['starttime'])){
//Indeed, if time() - starttime > 1200, it's also > to 180
if(time() - $_SESSION['starttime'] > 180) {
//you try to regenerate ID on a session that you already destroyed.
session_regenerate_id(true);
}
}
我认为您希望使用 session_destroy 清理 $_SESSION。不是。见 https://www.php.net/manual/en/function.session-destroy.php :
session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, session_start() has to be called.
因此,根据文档,一种解决方案是在 session_destroy() 之后立即调用 session_start(),以使您的代码正常工作:
if(isset($_SESSION['starttime']) && (time() - $_SESSION['starttime'] > 1200)){
//There, you destroy it because `starttime` is set, and time() - starttime > 1200
session_destroy();
session_start(); //According to the documentation, from this point $_SESSION have been reseted.
} else {
$_SESSION['starttime'] = time();
session_regenerate_id(true);
}
我看过很多关于这个问题的帖子,但其中 none 解决了我的问题!有人说这是因为用户在 session_start(); 之前使用了 session_regenerate_id(true); !但是我的代码不是这种情况。我还看到有人说我应该在 session_start(); 之前删除多余的空格,我也这样做了,但我仍然在加载网站时收到警告。在我刷新 Boom 后,会话被销毁并且用户注销。
注意*:我收到第 12 行(第三个 if 语句)的警告。
我在每一页开头的代码:
<?php
session_start();
require "DB/users-database.php";
if(isset($_SESSION['starttime']) && (time() - $_SESSION['starttime'] > 1200)){
session_destroy();
} else {
$_SESSION['starttime'] = time();
session_regenerate_id(true);
}
if(isset($_SESSION['starttime'])){
if(time() - $_SESSION['starttime'] > 180) {
session_regenerate_id(true);
}
}
.
.
.
您尝试从已销毁的会话中重新生成 ID。让我们看看会发生什么,如果我们说 $_SESSION 中的 'starttime' 索引已定义且 time() - $_SESSION['starttime'] > 1200 为真:
<?php
//There, you start your session. It's ok.
session_start();
require "DB/users-database.php";
if(isset($_SESSION['starttime']) && (time() - $_SESSION['starttime'] > 1200)){
//There, you destroy it because `starttime` is set, and time() - starttime > 1200
session_destroy();
} else {
$_SESSION['starttime'] = time();
session_regenerate_id(true);
}
//It's true, since $_SESSION['starttime'] was set before, no reason to not been set there
if(isset($_SESSION['starttime'])){
//Indeed, if time() - starttime > 1200, it's also > to 180
if(time() - $_SESSION['starttime'] > 180) {
//you try to regenerate ID on a session that you already destroyed.
session_regenerate_id(true);
}
}
我认为您希望使用 session_destroy 清理 $_SESSION。不是。见 https://www.php.net/manual/en/function.session-destroy.php :
session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, session_start() has to be called.
因此,根据文档,一种解决方案是在 session_destroy() 之后立即调用 session_start(),以使您的代码正常工作:
if(isset($_SESSION['starttime']) && (time() - $_SESSION['starttime'] > 1200)){
//There, you destroy it because `starttime` is set, and time() - starttime > 1200
session_destroy();
session_start(); //According to the documentation, from this point $_SESSION have been reseted.
} else {
$_SESSION['starttime'] = time();
session_regenerate_id(true);
}