I'm creating a dashboard where I have the front end on one subdomain and the api which is in php on another subdomain. I was looking for how to preserve $_SESSION between the two and found this. So what I'm inquiring about is since cookies are stored on the users machine and I'm sending the user id to the api, would they be able to manipulate this value and browse the app as a different user assuming I use session_set_cookie_params(). So I would be using $_SESSION in the api but this native function makes me think they'd be able to change the value.
PHP session_set_cookie_params()是否在用户计算机上创建可操作的cookie?
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
分享- 邀请回答
-
1条回答 默认 最新
- dry18813 2019-08-06 13:41关注
I don't believe this method I've alluded to is of any danger (knock on wood) but I'm just going to go for the /api/ subfolder structure anyways at this point as having a separate endpoint seems to make things too spread out.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报 分享
- 2019-08-02 21:31回答 1 已采纳 I don't believe this method I've alluded to is of any danger (knock on wood) but I'm just going to
- 2017-01-05 19:46回答 1 已采纳 My bad, forgot to add COOKIE to the variables_order directive: variables_order = "GPCS" So that
- 2018-11-06 13:04回答 2 已采纳 In your local folder PHP.ini settings (typically called user.ini and found in your root HTML direc
- 2021-05-01 11:17不吃香菜的鱼的博客 标签:php即时通讯期待更多的会议,并希望一些投入.在简单的登录表单上,一旦提交...session_set_cookie_params( time() + 600, './', 'example.co.uk', false, false);session_start();$_SESSION['TOKEN'] = TOKEN;...
- 2015-08-26 19:12回答 1 已采纳 I figured it out. Before, I was calling the get_header() function before I was calling the session
- 2014-06-05 02:30回答 2 已采纳 Ended up needing to change session_set_cookie_params(1800, "/home/users/web/example/unix-director
- 2014-03-07 02:32回答 1 已采纳 The third parameter you used "/" is not a valid domain name. Using session_set_cookie_params(30 *
- 2023-03-27 10:01快点好好学习吧的博客 通过session_set_cookie_params()函数可以设置cookie的参数,然后通过setcookie()函数将cookie发送给浏览器,从而使浏览器在后续的请求中自动发送该cookie。在PHP中,session机制通过设置session ID的cookie来识别...
- 2017-10-14 04:13回答 1 已采纳 On all your OTHER pages you only need to test for the admin session and if that fails then redirec
- 2010-10-21 15:50回答 1 已采纳 You are not removing it with the same parameters as it was created. Use session_get_cookie_params
- 2010-10-06 03:12回答 4 已采纳 The cookie should be deleted, because you set his lifetime to 0. Maybe there is still a firefox-p
- 2022-12-29 11:36kdbshi的博客 session_set_cookie_params() 函数用于设置 session 的 lifetime(生存时间)。要使用这个函数,请按照以下步骤操作: 在 PHP 代码中包含 session_set_cookie_params() 函数。您可以通过在代码中使用以下语句来包含...
- 2014-02-20 05:44回答 2 已采纳 To achieve this type of structure, You need to work as API structure. Follow steps, 1) Create one
- 2021-03-23 22:09weixin_42365804的博客 If you set the session.gc_maxlifetime in .htaccess, your apache conf or use ini_set in your code, it won't work and sessions will still be destroyed after 30 minutes. That's because /usr/lib/...
- 杜客的博客 基本上它不一样.对于setcookie$value = 'something from somewhere';setcookie("TestCookie", $value);setcookie("TestCookie", $value, time()+3600); /* expire in 1 hour */setcookie("TestCookie", $value, time...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
- ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
- ¥16 mybatis的代理对象无法通过@Autowired装填
- ¥15 可见光定位matlab仿真
- ¥15 arduino 四自由度机械臂
- ¥15 wordpress 产品图片 GIF 没法显示
- ¥15 求三国群英传pl国战时间的修改方法
- ¥15 matlab代码代写,需写出详细代码,代价私
- ¥15 ROS系统搭建请教(跨境电商用途)
- ¥15 AIC3204的示例代码有吗,想用AIC3204测量血氧,找不到相关的代码。