Joomla 2.5 JFactory::getSession(); seems to be cac

2019-07-22 05:14发布

问题:

I have a php file in includes directory. It's usability is to display a captcha Image. In that file I set a session variable like this:

$code = codegenerator();
$session =& JFactory::getSession();
$session->set('security_code', $code);

This Session variable is set from an image src that calls that method from a controller.

Then I call a controller to check that session that was set (this method is trigerd with ajax from an iframe) and in that method I do this

$session = JFactory::getSession();
$seccode=$session->get('security_code');
echo $seccode.':'.rand();

The result is as expected the first time, the code that was set and a random number. If I refresh that page the captcha image gets reset with a new code and gets displayed. But when I triger the check event again, I get the previous code with a new random number. That rand() there is a proof that JFactory::getSession(); is cached because I get the new random number but the same previous code and not the new as supposed to. So it's not that ajax that is caching something here.

How can I avoid JFactory::getSession(); geting cached from firefox? This happens only in firefox. Internet explorer and chrome seem to display the session code correctly. If I clear firefox cash and refresh the page it still doesn't work. It's like it's cached for ever. If I close firefox and open it again, then everything seems to work as the first time, but then I have the same issue again.

Here is the code that generates the captcha

<?php

defined('_JEXEC') or die('Restricted access');
class CaptchaSecurityImages {

    var $font='monofont.ttf';


    function generateCode($characters) {
        /* list all possible characters, similar looking characters and vowels have been removed */
        $possible = '23456789bcdfghjkmnpqrstvwxyz';
        $code = '';
        $i = 0;
        while ($i < $characters) { 
            $code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
            $i++;
        }
        return $code;
    }

    function CaptchaSecurityImages($width='220',$height='40',$characters='6') {
        $code = $this->generateCode($characters);

        //$font='includes'.DS.'monofont.ttf';
        $font='monofont.ttf';
        $this->font=$font;

        $session =& JFactory::getSession();
        $session->set('security_code', $code);


        /* font size will be 75% of the image height */
        $font_size = $height * 0.75;
        $image = @imagecreate($width, $height) or die('Cannot initialize new GD image stream');

        /* set the colours */
        $background_color = imagecolorallocate($image, 255, 255, 255);
        $text_color = imagecolorallocate($image, 20, 40, 100);
        $noise_color = imagecolorallocate($image, 100, 120, 180);
        /* generate random dots in background */
        for( $i=0; $i<($width*$height)/3; $i++ ) {
            imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color);
        }
        /* generate random lines in background */
        for( $i=0; $i<($width*$height)/150; $i++ ) {
            imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), $noise_color);
        }
        /* create textbox and add text */


        $textbox = imagettfbbox($font_size, 0, $this->font, $code) or die('Error in imagettfbbox function');
        $x = ($width - $textbox[4])/2;
        $y = ($height - $textbox[5])/2;
        imagettftext($image, $font_size, 0, $x, $y, $text_color, $this->font , $code) or die('Error in imagettftext function');
        /* output captcha image to browser */

        header('Content-Type: image/jpeg');
        imagejpeg($image);
        imagedestroy($image);

    }

}
?>

And here is the code that is called by the ajax

public function checkCaptchaSecurityCode(){
        $securitycode = JRequest::getVar('securitycode');           
        $session = JFactory::getSession();
        $seccode=$session->get('security_code');        

        echo $seccode.':'.rand();

        die();
    }   

and here is the ajax call

<?php $checkCaptchaSecurityCode = JRoute::_('index.php?option=com_virtuemart&view=participate&task=checkCaptchaSecurityCode&tmpl=component&format=raw'); ?>
    jQuery.ajaxSetup({cache: false});
            jQuery.ajax({
                  type: "POST",
                  url: "<?php echo $checkCaptchaSecurityCode ?>",
                  cache: false,
                  data: { securitycode: jQuery("#security_code").val() }
                }).done(function( msg ) {
                  alert( msg );
            });

please help

回答1:

I had the same problem, but calling the clear method before setting a new session variable fixed the problem.

    $session = & JFactory::getSession();
    /* this way unset data from the session store */
    $session->clear('security_code');
    /* and now set the new value */
    $session->set('security_code', $code);

It works even if is the first time you are declaring a session variable.



回答2:

Are you posting/getting to mydomain.com when from www.mydomain.com ? This would cause joomla to create a new session I believe.