$ _SESSION PHP在不同URL中的同一服务器上无法识别

I have a check_session.php file that checks if the user session was started after login, which happens is as follows:

There are two URL's:

https://www.website.com/control/user/

And inside it has a link that leads to another URL:

https://www.website.com/b2b/user/

At the beginning of each page you even have the code:

<?php
if( !session_id() ) {
    session_start();
}
header('Access-Control-Allow-Origin: https://www.website.com');
?>

The file check_session.php is the same for both environments, however when opening the link in a target="_blank", the other URL passes through the file verify.php and $_SESSION['user'] is not recognized and forwards the user out of the environment, but the source tab does not lose the session:

<?php
if( !isset($_SESSION['user']) ) {
    session_regenerate_id(true);
    unset($_SESSION['user']);
    session_destroy();
    session_start();
    echo "<script>window.alert('Unauthorized access [SECTION OFF]!');</script>";
    echo "<script>parent.location.href='home/';</script>";
    exit();
}
?>

Taking into account that the destination URL call is done both via tag and in Jquery .ajax();

great regardz, thank you!

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dshqd84261 2018-05-29 20:13
关注
This could happen in 2 cases: First is different domain names. You said, that they are same.

Then most likely you didn't init session in verify.php

Header Access-Control-Allow-Origin using, when you need to load data from another site. You don't need that header on same domain. And you don't need to check session_id before start session.

So first piece of code may look like this:

<?php session_start(); ?>

In the second piece of code, if $_SESSION['user'] were not set, then there is no sense to unset($_SESSION['user']);.

If you destroy session, no need to session_regenerate_id(true);.

If you recreate session only because of $_SESSION['user'] and this code is all in this file,

then second piece of code may look like this:

<?php session_start(); if(!isset($_SESSION['user']) ) { echo "<script>window.alert('Unauthorized access [SECTION OFF]!');</script>"; echo "<script>parent.location.href='home/';</script>"; }

If you recreate session for another reason, then second piece may look like this:

<?php session_start(); if( !isset($_SESSION['user']) ) { session_destroy(); session_start(); echo "<script>window.alert('Unauthorized access [SECTION OFF]!');</script>"; echo "<script>parent.location.href='home/';</script>"; }
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

$ _SESSION PHP在不同URL中的同一服务器上无法识别 php
2018-05-29 14:04

回答 1 已采纳 This could happen in 2 cases: First is different domain names. You said, that they are same. Then
PHP isset $ _session等于string php
2017-02-21 16:35

回答 1 已采纳 isset returns a boolean. Run the isset and check the actual value. if(isset($_SESSION['role']) &&
PHP $ _SESSION值不变 html php
2018-10-27 08:15

回答 1 已采纳 Move that code to script2.php ( FORM ACTION="script2.php" ) if(!empty($_POST['recharge_no']) && !
PHP中cookie与session详解
2020-07-09 15:12

行云tack的博客文章目录1.cookieCookie 是什么？...cookie 是一种服务器留在用户计算机上的小文件。每当同一台计算机通过浏览器请求页面时，这台计算机将会发送 cookie。通过 PHP，您能够创建并取回 cookie 的值。如何创建 Cookie
$ _session ['error']在php中意味着什么 php
2015-01-14 08:05

回答 3 已采纳 $_SESSION contains all session variables (user ID of logged in user for example). You can set a se
如何在php $ _SESSION中存储多个单词？ php
2015-12-04 15:44

回答 1 已采纳 Try wrapping $memberName in double quotes. Not sure if that will work though. Also, please use PD
$ _SESSION没有在表单上选择正确的值 php
2019-02-21 08:09

回答 1 已采纳 That's not how $_SESSION or select works. What you are doing is simply executing PHP where you se
php学习
2022-04-14 17:51

拓海AE的博客 PHP 脚本在服务器上执行。 PHP 可免费下载使用。 PHP 文件是什么？ PHP 文件可包含文本、HTML、JavaScript代码和 PHP 代码 PHP 代码在服务器上执行，结果以纯 HTML 形式返回给浏览器 PHP 文件的默认文件扩展名是 ...
为什么PHP if（！$ _ SESSION ['username']）返回false php
2015-03-12 15:52

回答 2 已采纳 You need to save save something in session variable if($count == 1) { // Register $username, $pas
在iphone上丢失了Php $ _SESSION值 iphone php
2016-01-29 22:06

回答 1 已采纳 Yes, based on your description, it does sound like the issue is related to cookies. Needless to sa
PHP $ _SESSION在某些浏览器中工作，而不是其他浏览器 php
2015-08-26 19:12

回答 1 已采纳 I figured it out. Before, I was calling the get_header() function before I was calling the session
PHP Session的基础知识
2019-07-13 17:26

Strange_Ltike的博客 session 是一种客户与网站（服务器）更为安全的对话方式。一旦开启了 session 会话，便可以在网站的任何页面使用（保持）这个会话，从而让访问者与网站之间建立了一种“对话”机制。常见的网上购物车，就是一个...
对于多语言网站，PHP无法使用$ _Session检索正确的语言 php
2016-02-27 22:29

回答 2 已采纳 You should always call session_start() before working with $_SESSION. You miss that in the switch
php面试整理
2021-11-15 00:55

一条程序龙o^v^o的博客 php面试整理 *什么是操作系统？知道那些概念（来源于百度）：操作系统（operating system，简称OS）是管理计算机硬件与软件资源的计算机...在有些面试题目中也称之为OOP(Object Oriented Programming)。面向对象主要
PHP中cookie和session
2018-05-12 00:21

weixin_30377461的博客 PHP中cookie和session 一、总结 1、cookie setcookie() 函数用于设置 cookie。注释：setcookie() 函数必须位于 <html> 标签之前。 1 <?php 2 $expire=time()+60*60*24*30; 3 setcookie("user", ...
没有解决我的问题, 去提问

悬赏问题

¥15 c语言怎么用printf（“\b \b”）与getch（）实现黑框里写入与删除？
¥20 怎么用dlib库的算法识别小麦病虫害
¥15 华为ensp模拟器中S5700交换机在配置过程中老是反复重启
¥15 java写代码遇到问题，求帮助
¥15 uniapp uview http 如何实现统一的请求异常信息提示？
¥15 有了解d3和topogram.js库的吗？有偿请教
¥100 任意维数的K均值聚类
¥15 stamps做sbas-insar，时序沉降图怎么画
¥15 买了个传感器，根据商家发的代码和步骤使用但是代码报错了不会改，有没有人可以看看
¥15 关于#Java#的问题，如何解决？

$ _SESSION PHP在不同URL中的同一服务器上无法识别

1条回答 默认 最新

悬赏问题

1条回答默认最新