Javascript PHP会话在AJAX中不持久_Javascript_Php_Ajax_Session_Login

Javascript PHP会话在AJAX中不持久

javascript php ajax session login

Javascript PHP会话在AJAX中不持久,javascript,php,ajax,session,login,Javascript,Php,Ajax,Session,Login,我正在制作一个需要用户登录的网站（在本地开发）；我把它作为我的出发点，让我的代码与MySQL对话并创建会话我已经浏览了关于php会话和ajax的大部分内容；但我仍然无法让我的代码按我想要的方式工作现在，在用户成功登录后，我使用ajax调用其他一些php脚本，但是它不能正常工作。在firefox中，清除了所有cookie、历史记录等之后，会话变量似乎没有通过ajax调用进行维护。但是，如果我重新登录，会话变量似乎可以通过ajax正确传递例如：在我的logged_In.php脚本中，我使用a

我正在制作一个需要用户登录的网站（在本地开发）；我把它作为我的出发点，让我的代码与MySQL对话并创建会话

我已经浏览了关于php会话和ajax的大部分内容；但我仍然无法让我的代码按我想要的方式工作

现在，在用户成功登录后，我使用ajax调用其他一些php脚本，但是它不能正常工作。在firefox中，清除了所有cookie、历史记录等之后，会话变量似乎没有通过ajax调用进行维护。但是，如果我重新登录，会话变量似乎可以通过ajax正确传递

例如：

在我的logged_In.php脚本中，我使用ajax调用另一个脚本：view_samples.php

logged_in.php

<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

<script>var session_id = '<?php echo session_id();?>';</script> <!-- store our session ID so that we can pass it through ajax -->
<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_id($_POST['session_id']); // get the session ID sent by AJAX and set it
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

查看\u samples.php

<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

<script>var session_id = '<?php echo session_id();?>';</script> <!-- store our session ID so that we can pass it through ajax -->
<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_id($_POST['session_id']); // get the session ID sent by AJAX and set it
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

当我使用以前从未登录过的浏览器登录时，我看到它设置了会话ID X；但是，当按下按钮并进行ajax调用时，我会看到一个新的会话ID Y。然后我注销并重新登录，并看到我的会话ID是Y（在ajax之前），当我单击按钮时（在ajax之后），我的会话ID是Y

我还注意到，如果我不按view samples（查看示例）按钮而继续登录和注销，每次都会生成一个新的会话id。但是，只要我按下按钮，就会创建一个全新的会话id，它似乎总是在我注销然后重新登录时设置的id

我错过了什么？确保创建的第一个会话在整个ajax调用中得到维护的正确方法是什么？我应该将会话id发布到被调用的脚本中吗？

这就是我解决问题的方式（因为上面Freaktor的评论没有解决问题）-我正在通过AJAX手动传递会话id，然后在新的PHP脚本中设置它我想知道是否有人可以对这个的安全性发表评论（因为我不完全确定这一切是如何运作的）

这篇文章很有帮助

logged_in.php

<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

<script>var session_id = '<?php echo session_id();?>';</script> <!-- store our session ID so that we can pass it through ajax -->
<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_id($_POST['session_id']); // get the session ID sent by AJAX and set it
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

查看\u samples.php

<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

<script>var session_id = '<?php echo session_id();?>';</script> <!-- store our session ID so that we can pass it through ajax -->
<script type="text/javascript" src="/js/loggedInButtons.js" > </script> <!-- all our ajax calls are here -->

<?php

    // debug some variables
    echo "<br>" . session_id() . "<br>";

    // if logged in
    if ($_SESSION['logged'] == 1) { 
    ?>
        <button class='btn btn-primary' id="view_samples"> View samples</button> <!-- calls view_samples.php -->
        <div id="ajaxResult"></div> <!-- results of ajax calls go here -->
    <?php
    } 

?>

<?php
    session_id($_POST['session_id']); // get the session ID sent by AJAX and set it
    session_start():

    // debug session
    print_r($_SESSION);
    echo "<br>" . session_id() . "<br>";

    if ($_SESSION['logged'] == 1) {
      // do something because we are properly logged in
    } else {
      echo "not logged in!";
    }

?>

您需要session\u start（）：在两个php文件中，如果没有，则$\u会话将为空，ajax将始终保持cookie的进出。这是一种奇怪的行为，除非ajax页面的url与主页不在同一域中。可能是这样吗？