dongyuan8469 2012-06-13 08:50
浏览 115
已采纳

使用3G加密狗丢失会话变量

I have a huge problem with session_vars and mobile 3g connections.

We have a virtual campus that is accessed with username and password. On every page verifies that the user is logged with the following code:

<?PHP session_start();

//Avoid not logged users
if ($_SESSION['auth']!=true)
{
    session_unset();
    header('Location:index.php'); // login page
    exit;
}

When a user tries to download a file and uses a 3G connection, sometimes loses its session variable that identifies who is logged in, and send the user to the login page.

We have tried and fail to reproduce the error. We assume that may depend on the conditions of the 3G connection.

All users who use a dongle 3g fails with a laptop.

Bellow the html download link code:

<a onclick="window.location.href='download_file.php?id=48558&amp;id_aula=A1188788&amp;p=5'" title="download 21115400_cat.pdf" class="Arial11BlueBold ManoSola">Download</a>

And the download_file.php:

<?PHP session_start();

//Avoid not logged users
if ($_SESSION['auth']!=true)
{
    session_unset();
    header('Location:index.php');
    exit;
}

...

Thanks!

  • 写回答

3条回答 默认 最新

  • duansha7453 2014-01-22 09:11
    关注

    Suhosin encrypts the session and it seems that something does change the cookie and the session. We have disabled encryption in php.ini.

    [suhosin] suhosin.session.encrypt=Off
[suhosin] suhosin.cookie.encrypt=Off

    We also use the Ajax Agent library, this library reloads the page and some session variables are lost. We replaced the Ajax Agent for Ajax call.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 对于相关问题的求解与代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料
  • ¥15 使用R语言marginaleffects包进行边际效应图绘制