如何在一台服务器上处理一个用户的多个 PHP 会话?
我的服务器上的单个域上托管的 Facebook 应用程序很少。同一用户可能会在单个会话中访问我的两个或多个应用程序。如何确保一个应用程序中的某些数据不会最终出现在另一应用程序中?由于用户可能只是离开应用程序,因此无法选择注销。
I have few Facebook Apps hosted on a single domain on my server. It is possible that the same user may access two or more of my apps in a single session. How do I make sure that some data from one app doesn't end up in another app? Since the user may simply navigate away from the app, so logging out is not an option.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
如果您为每个应用使用不同的
session_name(),则会话之间实际上是惰性的。If you use a different
session_name()for each app, the sessions are effectively inert from one another.我能想到的解决方案是将用户正在使用的应用程序包含在会话数据中,如果您在用户的会话数据中看到错误的会话,则销毁该会话。
The solution I can think of would be including the application that the person is using in the session data, and if you see the wrong session in the user's session data, you destroy the session.
只是一个想法:也许您想为每个应用程序设置一个子域。这样,cookie 和会话就会自动完全分离,而不是依赖于某个函数(这可能会很慢,正如有人在
session_name()手动注释中指出的那样。)此外,我相信单独的子域由于同源政策,让您更安全地免受攻击。 (正确的?)
Just a thought: maybe you'd want to set up a subdomain for each one of your apps. That way the cookies and sessions are completely separate automatically, rather than relying on a function (which may be slow, as one person indicated in the
session_name()manual comments.)In addition, I believe separate subdomains keep you safer from exploits because of the same origin policy. (Right?)
您可以通过为每个应用程序使用不同的键来制作类似会话部分的内容。您只需要确保密钥是唯一的。每次将一些数据保存到会话中时,请将其保存在适当的部分,例如:
You can make something like session sections by using different keys for every application. You just need to be sure to have the keys unique. Everytime you save some data into session save it in the proper section e.g.: