drti52047 2013-02-20 20:52
浏览 54

在destroy和session_start()之后无法访问$ SESSION数组

I'm using $_SESSION to store data from a multi-page form. Everything was working wonderfully until I finished a submission and ended the session to prevent the same form data being replicated should the person try to re-enter the form. When the form is complete and submitted, kill the session and erase session data:

$_SESSION = array();

setcookie(session_name(), '', time() - 42000);

session_destroy();

What follows is this:

<?php
session_start();

include "connect-moo.php";
$learning = true;

//get any post variables and save them to the session
foreach ($_POST as $key => $val) {
$_SESSION[$key] = $val;
 }

sessionDump();  //dumps session to db

//check to see if step is set (in the post eg ?step=getaquote). If not, set it to current session step

if(!isset($_POST["step"])) {
if(isset($_SESSION['step'])) {
    $_POST['step'] = $_SESSION['step'];
}
}

//show the page appropriate to the current step
if ($_SESSION['mode'] == 'edit' && $_SESSION['lastpage'] != "review" && $_SESSION['step'] != "session") {
$_SESSION['lastpage'] = 'review';
getReview();    
}
else { 
if($_SESSION['step'] != 'session') $_SESSION['lastpage'] = $_SESSION['step'];

switch ($_POST["step"])
{

    case "session":

        foreach($_SESSION as $key => $val){
            echo $key.": ".$val."<br>";
            //phpinfo();

        }

        echo "Post Data<br>";
        foreach($_POST as $key => $val) {
            $sval = mysql_real_escape_string($val);
            $skey = mysql_real_escape_string($key);
            echo $skey.": ".$sval."<br>";
        }

        break;

    case "getaquote":

        getAQuote();
    break;

    // and so on... 

            default:
        start();
}
}

... (all of the abovementioned functions)


?>

I have confirmed that a new session cookie is being established but $_POST and $_SESSION are empty after restarting the session. With the recent fix (thanks!) I can push data into the $_POST and $_SESION arrays programatically (e.g. $_POST['foo'] = 'bar';) but variables passed through the URI are ignored.

Solutions:

re session_destroy, see Alex B answer.

re. the $_POST issue - it turns out that, when entering the information via URL directly, the server was interpreting it(correctly) as a GET not a POST. I amended my code to grab all GET & POST data but will only need POST in production. Here's the new code:

//get any submitted variables and save them to the session
foreach ($_GET as $key => $val) {
$_SESSION[$key] = $val;
 }
foreach ($_POST as $key => $val) {
$_SESSION[$key] = $val;
 }
  • 写回答

1条回答 默认 最新

  • douba9776 2013-02-20 20:58
    关注

    You're doing it wrong.

    session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, session_start() has to be called.

    In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.

    The solution:

    session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(),'',0,'/');
session_regenerate_id(true);
    评论

报告相同问题?

悬赏问题

  • ¥15 多址通信方式的抗噪声性能和系统容量对比
  • ¥15 winform的chart曲线生成时有凸起
  • ¥15 msix packaging tool打包问题
  • ¥15 finalshell节点的搭建代码和那个端口代码教程
  • ¥15 用hfss做微带贴片阵列天线的时候分析设置有问题
  • ¥15 Centos / PETSc / PETGEM
  • ¥15 centos7.9 IPv6端口telnet和端口监控问题
  • ¥20 完全没有学习过GAN,看了CSDN的一篇文章,里面有代码但是完全不知道如何操作
  • ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
  • ¥20 海浪数据 南海地区海况数据,波浪数据