dongzhen7108 2014-12-08 09:25
浏览 83
已采纳

两个客户的PHP会话重叠

Have a session problem with application when opened in multiple tabs of a browser. In my project a user can have multiple log in id's so he could log into the app with two id's at the same time as two diferent users. but when they try to log in with two id in multiple tabs of a browser. the same session of the browser is being shared and the data gets messed up. Any insights to solve this issue?

I see a pattern in mail.yahoo.com , if i log into my mail.yahoo with one user id and try to login in to other user id in the new tab. one of them logs out. Any idea how this could be done...

Thanks

  • 写回答

3条回答 默认 最新

  • dop2144 2014-12-08 23:05
    关注

    Piecing this together from against other answers it sounds like you need multiple application streams.

    That is, you have a situation where you need multiple "users" to be logged in to the application on different tabs on the same browser, same machine.

    This isn't because they are different people using the machine, but rather the same person working with different personas.

    It turns out, I've implemented something similar in the past myself, in order for managers to be able to "ghost" through a system as their staff members. They log in as the other user, but in a read only mode so they can see what's going on.

    OK. So how to do it.

    Put simply - the session isn't enough - you need more than that. The session ID is stored in a cookie on the client machine and there isn't really much you can do about the set-up - one browser = one session.

    However, what you can do is split that session up with an application stream, or application context.

    That is, don't store anything in the root of your session - split your session into distinct components into which you have a set-up identical to your current session.

    The key for each session is then the "application stream" key. You need to pass this around in your URLs.

    E.g.

    Your current session may have a simple set-up:

    $_SESSION['user'] = 'some username';
$_SESSION['role'] = 'power user';

    Instead you store that as:

    $_SESSION[0]['user'] = 'some username';
$_SESSION[0]['role'] = 'power user';

    On all urls you add:

    &appId=0

    And whenever you reference your session you use something like:

    $username = $_SESSION[ $_GET['appId'] ]['user'];

    Obviously, you wrap all this up in a nice session handling class, but that's the basic idea.

    If you want a link that generates a new login page with a new application stream, you simply change the appId on the link (or completely omit it and trap that in your login code).

    E.g.

    $sLoginLink = "<a href='/login.php?appId=" . generateNewAppStreamId() . "' target='_BLANK'>New Login Screen</a>";

    As everything is still stored in the session, the whole of your application should work exactly the same - just as long as you always have the appId on every URL in the system.

    I've tried to make the explanation as simple as possible - forgive me if I've used too many words.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 微信小程序协议怎么写
  • ¥15 c语言怎么用printf(“\b \b”)与getch()实现黑框里写入与删除?
  • ¥20 怎么用dlib库的算法识别小麦病虫害
  • ¥15 华为ensp模拟器中S5700交换机在配置过程中老是反复重启
  • ¥15 java写代码遇到问题,求帮助
  • ¥15 uniapp uview http 如何实现统一的请求异常信息提示?
  • ¥15 有了解d3和topogram.js库的吗?有偿请教
  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看