php session.use_trans_sid

发布时间：2020-12-13 21:35:36 所属栏目：PHP教程来源：网络整理

导读：我不清楚php的session.use_trans_id的含义和用法. 在线文档中,它说： the run-time option session.use_trans_sid are enabled, relative URIs will be changed to contain the session id automatically. Does this mean it will ALWAYS add the session id

我不清楚php的session.use_trans_id的含义和用法.

在线文档中,它说：

the run-time option
session.use_trans_sid are enabled,
relative URIs will be changed to
contain the session id automatically.
Does this mean it will ALWAYS add the session id? Or only when cookies are not working?

它会自动将它添加到javascript的window.location还是ajax调用？

另外,在php.ini文件中,它说：

trans sid support is disabled by default.
Use of trans sid may risk your users security.
Use this option with caution.
 - User may send URL contains active session ID
   to other person via. email/irc/etc.
 - URL that contains active session ID may be stored
   in publically accessible computer.
 - User may access your site with the same session ID
   always using URL stored in browser's history or bookmarks.
 http://php.net/session.use-trans-sid

我很困惑,在线文档说,除非你使用PHP 4.2.0或更高版本,否则你需要手动启用它.那么为什么默认会禁用它？ (我正在使用php 5).

此外,这个功能是否必须处理禁用cookie的用户？

解决方法

你可以这样：

if(isset($_COOKIE['session_name'])){
            ini_set("session.use_trans_sid",false);
            session_start();
            ///////////////////
            //any hard tracking code or hard work goes here
            // like $_SESSION['msisdn']="9455366212";
            ///////////////////
            $_SESSION['cookie_support']=1;
}else{
            ini_set("session.use_trans_sid",true);
            session_start();
            $_SESSION['cookie_support']=0;
}

如果用户尝试登录,请先检查$_SESSION [‘cookie_support’];尽量避免与cookie_support = 0进行任何敏感的交互

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!