Solution to cross-page transfer failure using SESSION in SESSION-PHP without Cookie

Leave the Cookie in the use of SESSION-PHP SESSION can not cross-page transfer problem solution leave the cookie using session <br/> php session can not cross-page transfer problem solution <br/> In PHP has used session instead of cookie.
Solution to cross-page transfer failure of SESSION in PHP

Friends who have used SESSION in PHP may encounter such a problem. SESSION variables cannot be transferred across pages. This has plagued me for a few days and finally solved this problem by checking the information. I think the reasons for this problem are as follows:
1. cookie disabled on the client
2. a browser error occurs and the cookie cannot be accessed for the moment.
3. the session. use_trans_sid in php. ini is 0 or the -- enable-trans-sid option is not enabled during compilation.

Why? I will explain the following:
The Session is stored on the server side (the session is stored as a file by default). the user's file is obtained based on the session id provided by the client and the variable value is obtained, the session id can use the Cookie of the client or the Query_String of the Http1.1 protocol (that is, the "?" And then the server reads the Session directory ....... That is to say, session id is used to obtain the id card of the session variable stored in the service. When the code session_start (); is run, a session file is generated on the server, and a session id corresponding to it is also generated, define session variables to be stored in the generated session file in a certain form. The session id can be used to retrieve the defined variables. After a cross-page session, you must execute session_start (); a session file is generated, and the corresponding session id is generated, this session id cannot be used to retrieve the variables in the first session file mentioned above, because this session id is not the "key" to open it ". If the code session_id ($ session id) is added before session_start (); no new session file is generated and the session file corresponding to this id is directly read.
By default, the session in PHP uses the Cookie of the client to save the session id. Therefore, when the cookie of the client fails, the session will be affected. It must be noted that the session does not necessarily depend on the cookie, which is also a bit better than the cookie. When the Cookie on the client is disabled or a problem occurs, PHP automatically attaches the session id to the URL, so that the session variable can be used across pages through the session id. However, this attachment also has certain conditions, that is, "session. use_trans_sid = 1 in php. ini or the -- enable-trans-sid option is enabled during compilation ".

Now that we understand the above principles, there are three main ways to discard the cookie session:

1. set session. use_trans_sid = 1 in php. ini or enable the -- enable-trans-sid option when compiling, so that PHP can automatically pass the session id across pages.
2. manually pass session IDs through URL values and hidden forms.
3. save session_id in the form of files and databases, and manually call it during the cross-page process.

Here is an example:

S1.php

Session_start ();
$ _ SESSION ['var1'] = "People's Republic of China ";
$ Url = "next page ";
Echo $ url;
?>

S2.php

Session_start ();
Echo "the value of the passed session variable var1 is:". $ _ SESSION ['var1'];
?>

Run the above code. when the client cookie is normal, you can obtain the result "People's Republic of China ".
Now you can manually close the client cookie and run it again. The result may not be returned. If no result is returned, "set session. use_trans_sid = 1 in php. ini or enable the -- enable-trans-sid option when compiling". The "People's Republic of China" is returned"

This is also the way 1 mentioned above.

Next let's talk about Method 2:

The modified code is as follows:
S1.php

Session_start ();
$ _ SESSION ['var1'] = "People's Republic of China ";
$ Sn = session_id ();
$ Url = "next page ";
Echo $ url;
?>

S2.php

Session_id ($ _ GET ['s ']);
Session_start ();
Echo "the value of the passed session variable var1 is:". $ _ SESSION ['var1'];
?>

Method 3 is illustrated by examples:
Login.html




Login



Please log on:




Mylogin1.php


$ Name = $ _ POST ['name'];
$ Pass = $ _ POST ['pass'];
If (! $ Name |! $ Pass ){
Echo "the user name or password is blank. please log on again ";
Die ();
}
If (! ($ Name = "laogong" & $ pass = "123 ")){
Echo "the user name or password is incorrect. please log on again ";
Die ();
}
// Register a user
Ob_start ();
Session_start ();
$ _ SESSION ['user'] = $ name;
$ Psid = session_id ();
$ Fp = fopen ("e: \ tmp \ phpsid.txt", "w + ");
Fwrite ($ fp, $ psid );
Fclose ($ fp );
// Complete the authentication.
Echo "logged on
";
Echo "next page ";

?>

Mylogin2.php

$ Fp = fopen ("e: \ tmp \ phpsid.txt", "r ");
$ Sid = fread ($ fp, 1024 );
Fclose ($ fp );
Session_id ($ sid );
Session_start ();
If (isset ($ _ SESSION ['user']) & $ _ SESSION ['user'] = "laogong "){

Echo "logged on! ";
}
Else {
// Log on successfully for related operations
Echo "not logged on, not authorized to access ";
Echo "log on and browse ";
Die ();
}

?>

Similarly, disable the cookie test. Username: laogong password: 123 this is the session id saved through the file. the file is: e: \ tmp \ phpsid.txt. determine the file name or path based on your system.

As for the database method, I will not give an example. it is similar to the file method.

To sum up, the above method has one thing in common: Get the session id on the previous page, and then find a way to upload the session id to the next page, at the session_start () of the next page (); before the code, add the code session_id (the passed session id );


Note: my testing environment: Win2K Sever Aapache 1.3.31 PHP 4.3.4

In addition, lidm is also tested on unix-like systems.