I'm creating a dashboard where I have the front end on one subdomain and the api which is in php on another subdomain. I was looking for how to preserve $_SESSION between the two and found this. So what I'm inquiring about is since cookies are stored on the users machine and I'm sending the user id to the api, would they be able to manipulate this value and browse the app as a different user assuming I use session_set_cookie_params(). So I would be using $_SESSION in the api but this native function makes me think they'd be able to change the value.
PHP session_set_cookie_params()是否在用户计算机上创建可操作的cookie?
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
分享- 邀请回答
-
1条回答 默认 最新
- dry18813 2019-08-06 13:41关注
I don't believe this method I've alluded to is of any danger (knock on wood) but I'm just going to go for the /api/ subfolder structure anyways at this point as having a separate endpoint seems to make things too spread out.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报 分享
- 2017-01-05 19:46回答 1 已采纳 My bad, forgot to add COOKIE to the variables_order directive: variables_order = "GPCS" So that
- 2018-11-06 13:04回答 2 已采纳 In your local folder PHP.ini settings (typically called user.ini and found in your root HTML direc
- 2015-08-26 19:12回答 1 已采纳 I figured it out. Before, I was calling the get_header() function before I was calling the session
- 2021-05-01 11:17不吃香菜的鱼的博客 标签:php即时通讯期待更多的会议,并希望一些投入.在简单的登录表单上,一旦提交...session_set_cookie_params( time() + 600, './', 'example.co.uk', false, false);session_start();$_SESSION['TOKEN'] = TOKEN;...
- 2014-06-05 02:30回答 2 已采纳 Ended up needing to change session_set_cookie_params(1800, "/home/users/web/example/unix-director
- 2014-03-07 02:32回答 1 已采纳 The third parameter you used "/" is not a valid domain name. Using session_set_cookie_params(30 *
- 2017-10-14 04:13回答 1 已采纳 On all your OTHER pages you only need to test for the admin session and if that fails then redirec
- 2023-03-27 10:01快点好好学习吧的博客 通过session_set_cookie_params()函数可以设置cookie的参数,然后通过setcookie()函数将cookie发送给浏览器,从而使浏览器在后续的请求中自动发送该cookie。在PHP中,session机制通过设置session ID的cookie来识别...
- 2010-10-21 15:50回答 1 已采纳 You are not removing it with the same parameters as it was created. Use session_get_cookie_params
- 2010-10-06 03:12回答 4 已采纳 The cookie should be deleted, because you set his lifetime to 0. Maybe there is still a firefox-p
- 2014-02-20 05:44回答 2 已采纳 To achieve this type of structure, You need to work as API structure. Follow steps, 1) Create one
- 杜客的博客 基本上它不一样.对于setcookie$value = 'something from somewhere';setcookie("TestCookie", $value);setcookie("TestCookie", $value, time()+3600); /* expire in 1 hour */setcookie("TestCookie", $value, time...
- 2022-12-29 11:36kdbshi的博客 session_set_cookie_params() 函数用于设置 session 的 lifetime(生存时间)。要使用这个函数,请按照以下步骤操作: 在 PHP 代码中包含 session_set_cookie_params() 函数。您可以通过在代码中使用以下语句来包含...
- 2021-03-23 22:09weixin_42365804的博客 If you set the session.gc_maxlifetime in .htaccess, your apache conf or use ini_set in your code, it won't work and sessions will still be destroyed after 30 minutes. That's because /usr/lib/...
- 2019-10-08 07:21diyue3206的博客 session_set_cookie_params() 函数不管刷不刷新页面,都不会改变cookie的过期时间, ...在php7.2 的环境下使用 session_set_cookie_params() 函数会提示报错,Cannot change session cookie parameters wh...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 如何让企业微信机器人实现消息汇总整合
- ¥50 关于#ui#的问题:做yolov8的ui界面出现的问题
- ¥15 如何用Python爬取各高校教师公开的教育和工作经历
- ¥15 TLE9879QXA40 电机驱动
- ¥20 对于工程问题的非线性数学模型进行线性化
- ¥15 Mirare PLUS 进行密钥认证?(详解)
- ¥15 物体双站RCS和其组成阵列后的双站RCS关系验证
- ¥20 想用ollama做一个自己的AI数据库
- ¥15 关于qualoth编辑及缝合服装领子的问题解决方案探寻
- ¥15 请问怎么才能复现这样的图呀