How to solve the problem of cross-page invalidation of sessions in nginx

Yesterday, I used a session on my server to implement a login function. However, the session cannot be used across pages. It was a short time. Next we will record the solution process to prevent another blind person from encountering the same problem next time.

Generally, session failures are caused by the following reasons:

1. Disable browser cookies.
2. The server SESSION directory has no write permission.

Let's take a look at the situation where the server SESSION directory does not have the write permission:

Premise: The premise is that your session. save_handler = files, that is, the file storage session.

Some servers use memcache to store Sessions. Check if memcache is faulty.

This is the case I encountered. Because of the apache server I used earlier, the user group in the session directory will naturally be apache. Later in a month, I replaced the server with Nginx, however, I did not change the user group of the session directory, which caused this problem.

It was a simple problem, but I changed the file in the session directory to the Nginx directory, but I didn't have the permission to change the session, so I thought I had a magical problem. I hope you will not make such a low-level mistake.

The following describes how to solve this problem:

Get session directory

Generally, session. save_path is used in php. ini to record the session's storage directory on the server.

Session. save_path = "/var/lib/php/session"
Change User Group

Chown-R nginx. nginx 'session. save_path'

Let's take a look at the problem of COOIKE disabling in the browser:

Session depends on cookies. When you access a website, the server of this website will generate a unique session_id for you to store in the client browser, when you jump to a page on the site, the browser will automatically send your unique session_id to the server. The server obtains the session information based on your session_id. However, when the browser disables cookies, your server cannot obtain session_id, and the server cannot obtain your session information, which may cause session failure.

The solution is as follows:

In this case, you can set session. use_trans_sid = 1. When we send a request to the server, the URL will automatically send the session_id value.

Session. use_trans_sid = 1