How to solve the problem of session loss in php jump

Solution to lost session in php jump: 1. Open the corresponding file with Notepad; 2. Select the format to encode in UTF-8 without BOM format; 3. Save the file and re-upload it to the server. .

The operating environment of this article: windows7 system, PHP7.1 version, DELL G3 computer

How to solve the problem of PHP jump session loss ?

php Session loss mechanism when jumping to a page

1. The Session value can be saved and obtained on the same page, but it cannot be obtained after crossing another page;

2. Before starting session_start() on the two pages, session_id("myid") was set, but the value could not be obtained.

After using , check that the directory where the session is saved by default does not exist

# # Reason 2

A project developed by thinkphp. After successful login, it jumps to the login page. After submitting the information, the session output is normal and there is no problem. However, after the page jumps, the session appears. Lost phenomenon, unable to complete the normal login.

After searching for information, I found out that it was the cause of the bom. Due to the limitations of the COOKIE sending mechanism, in files that already have a BOM at the beginning of these files, the COOKIE cannot be sent (because PHP has already sent the file header before the COOKIE is sent), so the login and logout functions are invalid. All functions that rely on COOKIE and SESSION are invalid.

The correct way to deal with it is to remove the BOM of some files. Generally, the BOM problem occurs in the entry file. The way I deal with it is to use Notepad to open the file, and the format is encoded in UTF-8 BOM-free format. Then save it and re-upload it to the server. But be sure to note that before removing the BOM and uploading it to the server, you need to delete the source files on the server. Uploading overwrite cannot remove the BOM.

session mechanism

session is a session mechanism on the server side. When the client requests the server to create a session, the server will first detect whether the request contains a unique sessionID. If yes, it means that the server has already created a session for the user. As long as the user's session is retrieved according to the sessionID for the user to use, if there is no sessionID, the server will create a new session for the user with a unique sessionID. After the creation is completed, the session ID will be returned to the client by the server and saved to the client's local

Generally, the mechanism for saving the session ID is Cookie, but since Cookies can be artificially prohibited, it is necessary to ensure that Cookies are prohibited. After that, the session can still be conducted through the session, usually through url rewriting, in the form of http://...../xxx;jsessionid= ByOK3vjFD75aPnrF7C2HmdnV6QZcEbzWoWiBYEnLerjQ99zWpBng!-145788764, the other is as a query string attached to the URL Later, the expression is http://...../xxx?jsessionid=ByOK3vjFD75aPnrF7C2HmdnV6QZcEbzWoWiBYEnLerjQ99zWpBng!-145788764. There is no difference between these two methods for users. It is just that the server processes it differently during parsing. The first one is used. This method is also helpful to distinguish session id information from normal program parameters.

In order to maintain state throughout the entire interaction process, this session id must be included at the end of each path that the client may request.

Another misunderstanding about session invalidation:

When talking about the session mechanism, we often hear the misunderstanding "As long as you close the browser, the session will disappear." In fact, you can imagine the example of a membership card. Unless the customer actively asks the store to cancel the card, the store will never delete the customer's information easily. The same is true for sessions. Unless the program notifies the server to delete a session, the server will keep it. The program usually sends an instruction to delete the session when the user logs off. However, the browser never actively notifies the server that it is about to close before closing, so the server has no chance to know that the browser has been closed. The reason for this illusion is that most session mechanisms use session cookies to save session ids. , and the session id disappears after closing the browser, and the original session cannot be found when connecting to the server again. If the cookie set by the server is saved to the hard disk, or some method is used to rewrite the HTTP request header sent by the browser and send the original session ID to the server, the original session can still be found when the browser is opened again.

It is precisely because closing the browser will not cause the session to be deleted, forcing the server to set an expiration time for the seesion. When the time since the client last used the session exceeds this expiration time , the server can think that the client has stopped activities, and then delete the session to save storage space.

Recommended learning: "

PHP Video Tutorial"

The above is the detailed content of How to solve the problem of session loss in php jump. For more information, please follow other related articles on the PHP Chinese website!