Home >Backend Development >PHP Tutorial >IIS7,IIS7.5在高版本IE下丢失session,每次刷新页面,都会生成新的sessionID
测试脚本为php,IE版本为ie9,其它内核浏览器ff,chrome,safari下都没有这个问题。
发现这个问题的时候,是做了一个登录页,使用$_SESSION来判断,ie就是登不上去,其它浏览器没问题。
后来测试了一下print session_id();
ie下每次刷新页面的值都不一样,打开d:\tmp\session(这是php.ini里面设置的session存储位置),每次刷新增加一个session文件,当然这在其它浏览器下也不存在。
后来嘛,临时做了个解决方案,就是在php页面里设置一个cookie
<code>session_start(); setcookie('PHPSESSID',session_id()); </code>
算是临时解决了,但是……蛋还是继续的疼下去了,服务器(win2008 x86 iis7 fastcgi php5.2.17nts)上放了一个drupal,经常有人反应登陆不了,不用猜,肯定是用IE登不上,这事烦恼的我啊,我可不想去改drupal... 反正几个月以来,都在找答案。
现在,答案已经没那么重要了,只希望有解决办法,请各位走过路过的朋友们,给点您的经验,帮帮我这迷途的羔羊。。
顺便提一下,在寻找答案的路上,找到了一个和我一样问题的人,但是解决方案我没搞明白,因为可以肯定的是,我的域名没有下划线。。http://forums.iis.net/t/1150171.aspx 请看得明白这个帖子的朋友,也给指点一下。
附上抓包数据(隐去了域名):
IE下:
<code>GET /index.php HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: zh-CN User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) Accept-Encoding: gzip, deflate Host: ***.***.cn Connection: Keep-Alive Cookie: has_js=1 HTTP/1.1 200 OK Cache-Control: public, max-age=600 Content-Type: text/html; charset=utf-8 Content-Language: zh-hans Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 05:54:19 +0000 ETag: "1376286859-0" Vary: Cookie Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Drupal-Cache: MISS X-Generator: Drupal 7 (http://drupal.org) X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 05:54:37 GMT Connection: keep-alive Content-Length: 9829 POST /?q=front-page&destination=front-page HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://***.***.cn/index.php Accept-Language: zh-CN User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate Host: ***.***.cn Content-Length: 129 Connection: Keep-Alive Cache-Control: no-cache Cookie: has_js=1 HTTP/1.1 302 Redirect Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=UTF-8 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 06:02:32 +0000 ETag: "1376287352" Location: http://***.***.cn/?q=front-page Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Drupal-Cache: MISS Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=S2CFFREDq47DBALxDLxlCVzhqnI98MMm4yHPY_k7dho; expires=Wed, 04-Sep-2013 09:35:57 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 06:02:37 GMT Connection: keep-alive Content-Length: 155 </code>
firefox下:
<code>GET /index.php HTTP/1.1 Host: ***.***.cn User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Cookie: Drupal.toolbar.collapsed=0; has_js=1 Connection: keep-alive If-Modified-Since: Mon, 12 Aug 2013 05:56:10 +0000 If-None-Match: "1376286970" HTTP/1.1 200 OK Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Language: zh-hans Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 05:56:51 +0000 ETag: "1376287011" Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Generator: Drupal 7 (http://drupal.org) X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 05:56:56 GMT Connection: keep-alive Content-Length: 18842 POST /?q=front-page&destination=front-page HTTP/1.1 Host: ***.***.cn User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Referer: http://***.***.cn/ Cookie: Drupal.toolbar.collapsed=0; has_js=1 Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 129 HTTP/1.1 302 Redirect Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=UTF-8 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 05:59:42 +0000 ETag: "1376287182" Location: http://***.***.cn/?q=front-page Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Drupal-Cache: MISS Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=DjNRVBdGXEVPumZnszKG9U8bAP0dHqx5wp8jFhJV81U; expires=Wed, 04-Sep-2013 09:33:07 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 05:59:47 GMT Connection: keep-alive Content-Length: 155 </code>
测试脚本为php,IE版本为ie9,其它内核浏览器ff,chrome,safari下都没有这个问题。
发现这个问题的时候,是做了一个登录页,使用$_SESSION来判断,ie就是登不上去,其它浏览器没问题。
后来测试了一下print session_id();
ie下每次刷新页面的值都不一样,打开d:\tmp\session(这是php.ini里面设置的session存储位置),每次刷新增加一个session文件,当然这在其它浏览器下也不存在。
后来嘛,临时做了个解决方案,就是在php页面里设置一个cookie
<code>session_start(); setcookie('PHPSESSID',session_id()); </code>
算是临时解决了,但是……蛋还是继续的疼下去了,服务器(win2008 x86 iis7 fastcgi php5.2.17nts)上放了一个drupal,经常有人反应登陆不了,不用猜,肯定是用IE登不上,这事烦恼的我啊,我可不想去改drupal... 反正几个月以来,都在找答案。
现在,答案已经没那么重要了,只希望有解决办法,请各位走过路过的朋友们,给点您的经验,帮帮我这迷途的羔羊。。
顺便提一下,在寻找答案的路上,找到了一个和我一样问题的人,但是解决方案我没搞明白,因为可以肯定的是,我的域名没有下划线。。http://forums.iis.net/t/1150171.aspx 请看得明白这个帖子的朋友,也给指点一下。
附上抓包数据(隐去了域名):
IE下:
<code>GET /index.php HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: zh-CN User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) Accept-Encoding: gzip, deflate Host: ***.***.cn Connection: Keep-Alive Cookie: has_js=1 HTTP/1.1 200 OK Cache-Control: public, max-age=600 Content-Type: text/html; charset=utf-8 Content-Language: zh-hans Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 05:54:19 +0000 ETag: "1376286859-0" Vary: Cookie Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Drupal-Cache: MISS X-Generator: Drupal 7 (http://drupal.org) X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 05:54:37 GMT Connection: keep-alive Content-Length: 9829 POST /?q=front-page&destination=front-page HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://***.***.cn/index.php Accept-Language: zh-CN User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) Content-Type: application/x-www-form-urlencoded Accept-Encoding: gzip, deflate Host: ***.***.cn Content-Length: 129 Connection: Keep-Alive Cache-Control: no-cache Cookie: has_js=1 HTTP/1.1 302 Redirect Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=UTF-8 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 06:02:32 +0000 ETag: "1376287352" Location: http://***.***.cn/?q=front-page Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Drupal-Cache: MISS Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=S2CFFREDq47DBALxDLxlCVzhqnI98MMm4yHPY_k7dho; expires=Wed, 04-Sep-2013 09:35:57 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 06:02:37 GMT Connection: keep-alive Content-Length: 155 </code>
firefox下:
<code>GET /index.php HTTP/1.1 Host: ***.***.cn User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Cookie: Drupal.toolbar.collapsed=0; has_js=1 Connection: keep-alive If-Modified-Since: Mon, 12 Aug 2013 05:56:10 +0000 If-None-Match: "1376286970" HTTP/1.1 200 OK Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=utf-8 Content-Language: zh-hans Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 05:56:51 +0000 ETag: "1376287011" Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Generator: Drupal 7 (http://drupal.org) X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 05:56:56 GMT Connection: keep-alive Content-Length: 18842 POST /?q=front-page&destination=front-page HTTP/1.1 Host: ***.***.cn User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Referer: http://***.***.cn/ Cookie: Drupal.toolbar.collapsed=0; has_js=1 Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 129 HTTP/1.1 302 Redirect Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/html; charset=UTF-8 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Mon, 12 Aug 2013 05:59:42 +0000 ETag: "1376287182" Location: http://***.***.cn/?q=front-page Server: Microsoft-IIS/7.0 X-Powered-By: PHP/5.2.17 X-Drupal-Cache: MISS Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=DjNRVBdGXEVPumZnszKG9U8bAP0dHqx5wp8jFhJV81U; expires=Wed, 04-Sep-2013 09:33:07 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly X-Powered-By: ASP.NET Date: Mon, 12 Aug 2013 05:59:47 GMT Connection: keep-alive Content-Length: 155 </code>
自己给自己结贴,终于发现问题出在哪里了,这真的是我的错。
因为我把php.ini里面的一个变量:session.cookie_path的意思理解错了,填成d:\tmp,所以大家都没法登陆进去。现在改成空,已经正常了。
补充一下:
session.cookie_path
是指 session
生效的网站域;
session.save_path
是指存储 session
临时文件的路径。