Phpsession_id constantly changing

Phpsession_id is changing constantly. why is the session_id on my page constantly changing? it is not fixed. I change it every time I refresh it. This should be fixed.
What is the problem?

Reply to discussion (solution)

Does the browser support cookies?

Most of them are session. auto_start = 1

Does not rule out that your browser does not support cookies

Session. auto_start = 0
My browser supports cookies

You can only post code to talk about it.

Rss. php

Session_start ();
$ _ SESSION ["name"] = "lifffffff4 ";
Echo $ _ SESSION ["name"];
Echo"
";
Echo session_id ();
?>
Access the above file first and then access the following file twice with different session_id
Index. php
Session_start ();
Echo $ _ SESSION ["name"];
Echo session_id ();

?>

Rss. php and url jump past

Do not open a new browser window

Session_start ();
$ _ SESSION ["name"] = "lifffffff4 ";
Echo $ _ SESSION ["name"];
Echo"
";
Echo session_id ();
Echo & quot; 2222 & quot"
?>
Same effect

Add
Print_r ($ _ COOKIE );

Add
Print_r ($ _ COOKIE );
I printed an empty array.

Session_start ();
$ _ SESSION ["name"] = "lifffffff4 ";
Echo $ _ SESSION ["name"];
Echo"
";
Echo session_id ();
Echo & quot; 2222 & quot ";
Print_r ($ _ COOKIE );
?>


Session_start ();
Echo $ _ SESSION ["name"];
Echo session_id ();
Print_r ($ _ COOKIE );
?>

That is, the cookie is not supported. no matter how $ _ COOKIE ['phpsessid '] should be there

Have you changed the session settings in php. ini?

I have not changed php. ini. what should I do now?

I am also depressed about how to solve the problem. Why didn't I use the phpsession cookie?

My browser supports cookies.

Weak ask, is session_id special for programs? Generally, you can operate $ _ SESSION.

You can use setcookie to set a cookie variable and then try to read it back.

I can put the same code on someone else's computer. what's wrong with me?

Echo ini_get ("session. use_cookies"); // What is the value?

You can use setcookie to set a cookie variable and then try to read it back.
I have tried this. No problem.

Check whether the error message is displayed when you enable the error prompt.

error_reporting(E_ALL);ini_set('display_errors',true);

The session-related php. ini configuration information will be posted for your analysis.

[Session]
; Handler used to store/retrieve data.
Http://php.net/session.save-handler
Session. save_handler = files

; Argument passed to save_handler. In the case of files, this is the path
; Where data files are stored. Note: Windows users have to change this
; Variable in order to use PHP's session functions.
;
; The path can be defined:
;
; Session. save_path = "N;/path"
;
; Where N is an integer. Instead of storing all the session files in
;/Path, what this will do is use subdirectories N-levels deep, and
; Store the session data in those directories. This is useful if you
; Or your OS have problems with lots of files in one directory, and is
; A more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose
; Use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
; Session. save_path = "N; MODE;/path"
;
; Where MODE is the octal representation of the mode. Note that this
; Does not overwrite the process's umask.
Http://php.net/session.save-path
Session. save_path = "d:/wamp/tmp"

; Whether to use cookies.
Http://php.net/session.use-cookies
Session. use_cookies = 1

Http://php.net/session.cookie-secure
; Session. cookie_secure =

; This option forces PHP to fetch and use a cookie for storing and maintaining
The session id. We encourage this operation as it's very helpful in combatting
; Session hijacking when not specifying and managing your own session id. It is
; Not the end all be all of session hijacking defense, but it's a good start.
Http://php.net/session.use-only-cookies
Session. use_only_cookies = 1

; Name of the session (used as cookie name ).
Http://php.net/session.name
Session. name = PHPSESSID

; Initialize session on request startup.
Http://php.net/session.auto-start
Session. auto_start = 0

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
Http://php.net/session.cookie-lifetime
Session. cookie_lifetime = 1000

; The path for which the cookie is valid.
Http://php.net/session.cookie-path
Session. cookie_path =/

; The domain for which the cookie is valid.
Http://php.net/session.cookie-domain
Session. cookie_domain = 80tao. dev

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting versions as JavaScript.
Http://php.net/session.cookie-httponly
Session. cookie_httponly =

; Handler used to serialize data. php is the standard serializer of PHP.
Http://php.net/session.serialize-handler
Session. serialize_handler = php

; Defines the probability that the 'bucket collect' process is started
; On every session initialization. The probability is calculated by using
; Gc_probability/gc_pisor. Where session. gc_probability is the numerator
; And gc_pisor is the denominator in the equation. Setting this value to 1
; When the session. gc_pisor value is 100 will give you approximately a 1% chance
; The gc will run on any give request.
; Default Value: 1
; Development Value: 1
; Production Value: 1
Http://php.net/session.gc-probability
Session. gc_probability = 1

; Defines the probability that the 'bucket collect' process is started on every
; Session initialization. The probability is calculated by using the following equation:
; Gc_probability/gc_pisor. Where session. gc_probability is the numerator and
; Session. gc_pisor is the denominator in the equation. Setting this value to 1
; When the session. gc_pisor value is 100 will give you approximately a 1% chance
; The gc will run on any give request. Increasing this value to 1000 will give you
; A 0.1% chance the gc will run on any give request. For high volume production servers,
; This is a more efficient approach.
; Default Value: 100
; Development Value: 1000
; Production Value: 1000
Http://php.net/session.gc-pisor
Session. gc_pisor = 1000

; After this number of seconds, stored data will be seen as 'garbage' and
; Cleaned up by the garbage collection process.
Http://php.net/session.gc-maxlifetime
Session. gc_maxlife time = 1440

; NOTE: If you are using the subdirectory option for storing session files
; (See session. save_path above), then garbage collection does ** not *
; Happen automatically. You will need to do your own garbage
; Collection through a shell script, cron entry, or some other method.
; For example, the following script wocould is the equivalent
; Setting session. gc_maxlifetime to 1440 (1440 seconds = 24 minutes ):
; Cd/path/to/sessions; find-cmin + 24 | xargs rm

; PHP 4.2 and less have an uninitialized ented feature/bug that allows you
; To initialize a session variable in the global scope, even when register_globals
; Is disabled. PHP 4.3 and later will warn you, if this feature is used.
You can disable the feature and the warning separately. At this time,
; The warning is only displayed, if bug_compat_42 is enabled. This feature
; Introduces some serious security problems if not handled correctly. It's
; Recommended that you do not use this feature on production servers. But you
; Shocould enable this on development servers and enable the warning as well. If you
; Do not enable the feature on development servers, you won't be warned when it's
; Used and debugging errors caused by this can be difficult to track down.
; Default Value: On
; Development Value: On
; Production Value: Off
Http://php.net/session.bug-compat-42
Session. bug_compat_42 = On

; This setting controls whether or not you are warned by PHP when initializing
; Session value into the global space. session. bug_compat_42 must be enabled before
; These warnings can be issued by PHP. See the directive above for more information.
; Default Value: On
; Development Value: On
; Production Value: Off
Http://php.net/session.bug-compat-warn
Session. bug_compat_warn = On

; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; Considered as valid.
Http://php.net/session.referer-check
Session. referer_check =

; How many bytes to read from the file.
Http://php.net/session.entropy-length
Session. entropy_length = 0

; Specified here to create the session id.
Http://php.net/session.entropy-file
; Session. entropy_file =/dev/urandom
Session. entropy_file =

Http://php.net/session.entropy-length
; Session. entropy_length = 16

; Set to {nocache, private, public,} to determine HTTP caching aspects
; Or leave this empty to avoid sending anti-caching headers.
Http://php.net/session.cache-limiter
Session. cache_limiter = nocache

; Document expires after n minutes.
Http://php.net/session.cache-expire
Session. cache_expire = 180

; Trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
;-User may send URL contains active session ID
; To other person via. email/irc/etc.
;-URL that contains active session ID may be stored
; In publically accessible computer.
;-User may access your site with the same session ID
; Always using URL stored in browser's history or bookmarks.
Http://php.net/session.use-trans-sid
Session. use_trans_sid = 0

; Select a hash function for use in generating session ids.
; Possible Values
; 0 (MD5 128 bits)
; 1 (SHA-1 160 bits)
Http://php.net/session.hash-function
Session. hash_function = 0

; Define how many bits are stored in each character when converting
The binary hash data to something readable.
; Possible values:
; 4 (4 bits: 0-9, a-f)
; 5 (5 bits: 0-9, a-v)
; 6 (6 bits: 0-9, a-z, A-Z ,"-",",")
; Default Value: 4
; Development Value: 5
; Production Value: 5
Http://php.net/session.hash-bits-per-character
Session. hash_bits_per_character = 5

; The URL rewriter will look for URLs in a defined set of HTML tags.
; Form/fieldset are special; if you include them here, the rewriter will
; Add a hiddenField with the info which is otherwise appended
; To URLs. If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
; Default Value: "a = href, area = href, frame = src, form =, fieldset ="
; Development Value: "a = href, area = href, frame = src, input = src, form = fakeentry"
; Production Value: "a = href, area = href, frame = src, input = src, form = fakeentry"
Http://php.net/url-rewriter.tags
Url_rewriter.tags = "a = href, area = href, frame = src, input = src, form = fakeentry"

Session. cookie_domain = 80tao. dev


Remove this value. Are you sure you want it?

Is this a configuration of my project affected?

What do you mean by removing it?

Session. cookie_domain = 80tao. dev
Just remove this one.
But why?

Session. cookie_domain = 80tao. dev
Just remove this one.
But why?

The name is not clear yet. restrict the domain.

That is to set the domain in which the cookie corresponding to the session is valid.
Are you performing a local test? Is http: // localhost used to access your project? If yes, remove it. if it is a formal site, you change it

# Note that the vertex added indicates that all subdomains are valid, including wwwsession. cookie_domain =. 80tao. dev.

Try again.

Why can't I fill in that field? it's empty by default. why should I explain it to me?

That is to set the domain in which the cookie corresponding to the session is valid.
Are you performing a local test? Is http: // localhost used to access your project? If yes, remove it. if it is a formal site, you change it
PHP code
# Note that the added vertex indicates that all subdomains are valid, including www
Session. cookie_domain =. 80tao. dev

Try again.


This is strange. I don't seem to have seen the formal domain name of. dev. do you have any?

Session. cookie_domain = 80tao. dev

Indicates that the session is valid only in the 80tao. dev domain.

So you need to test your code in this domain.

Reply to the reference on the 24th floor:

Session. cookie_domain = 80tao. dev
Just remove this one.
But why?


The name is not clear yet. restrict the domain.
I am a local user.

Why can't I fill in that field? it's empty by default. why should I explain it to me?
Is the virtual domain name configured for my local virtual host

Reference reply on the 26th floor:

That is to set the domain in which the cookie corresponding to the session is valid.
Are you performing a local test? Is http: // localhost used to access your project? If yes, remove it. if it is a formal site, you change it
PHP code
# Note that the added vertex indicates that all subdomains are valid, including www
Session. cookie_domain =. 80tao. dev

Try again.



This is strange. I don't seem to have ......
I have never seen the dev domain name.

This is strange. I don't seem to have seen the formal domain name of. dev. do you have any?
Is the virtual domain name configured for my local virtual host

Okay, I don't know.

I know this is an old post, but I have encountered this problem recently. Session_id does not change segments and cannot be used as a shopping cart. Then I artificially use session_id ("a value"), but the session will not expire, no matter how the browser is closed, the previous session still exists. I hope you can give me some answers here. Thank you.