Flash和PHP交互中同步session-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

Flash和PHP交互中同步session

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 20, 2016 pm 01:01 PM

php

Flash和PHP交互中同步session

今天在使用Uploadify和thinkphp进行多文件上传时遇到一个问题，在选择上传的文件并自动上传完成之后，弹出警告窗口提示“http 301”或者“http 302”重定向。后来发现是因为通过Flash插件发起的请求是另外一个客户端发起的，跟浏览器的会话不一致，而我的服务器后端代码恰好是有登录认证的。这就需要我们把当前的session_id通过url或者post的方式传递给php。

一开始我设想将session_id作为query_string传递给php后（即$_GET['session_id']或者$_POST['session_id']），通过session_destory()、session_id($_REQUEST['session_id'])、session_start()系列函数，将flash的会话同步为和浏览器一致。而一技术群里有高手提醒说只要把php.ini中的session.name作为参数传递，PHP就会自动处理了。也就是$_GET或者$_POST或者$_COOKIE数组里有一个“PHPSESSID=当前会话的id”，就能让php自动处理、实现会话的传递了。就是这样：

$("#uploadify").uploadify({
    'uploader'       : '/xxx/xxx/uploadify.swf',
    'script'         : '/xxx/xxx/xxx.php',
    'scriptData'     : {'PHPSESSID' : '= session_id() ?>'},
    ....

或者：

$("#uploadify").uploadify({
    'uploader'       : '/xxx/xxx/uploadify.swf',
    'script'         : '/xxx/xxx/xxx.php?PHPSESSID== session_id() ?>',
    ...

不过谁能告诉我Flash的Cookies要怎么清除啊。。因为这个原因调试过程中一直困难重重。哈哈。。实在太笨了

这是今天解决的的一个问题，哈哈不过我发现flash里只传PHPSESSID参数，赋值为空也可以……

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How does PHP identify a user's session?May 01, 2025 am 12:23 AM

PHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.

What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AM

The security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.

Where are PHP session files stored by default?May 01, 2025 am 12:15 AM

PHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita

How do you retrieve data from a PHP session?May 01, 2025 am 12:11 AM

ToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si

How can you use sessions to implement a shopping cart?May 01, 2025 am 12:10 AM

The steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.

How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PM

The article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.

What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PM

The article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.

How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PM

Article discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.

See all articles