{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Fickle 薄情 的问题《php sessions empty using ssl?》','https://www.manongdao.com/q-744930.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Lets say i have a page called
https://url.com/test and https://url.com/test2
class Test extends Application {
# put global things here
function __construct() {
$this->library ( 'sessions' );
$this->helper ( 'active' );
}
function test() {
$this->sessions->set('login',1);
echo session_id().'<br/>';
echo $this->sessions->get('login');
}
function test2(){
if (is_get('d')) {
$this->sessions->del('login');
}
echo session_id().'<br/>';
echo $this->sessions->get('login');
}
}
when i use http://url.com/test and http://url.com/test2
it give me something like
page1
326o42a9pblv48c9kb5va1mgorsf35gr39gu0tg8a6umr0rcdrgmasmmtbqvqm0dqa086bn3od07mpc11b65so62c1atrr3cgemaha1
1
page2
326o42a9pblv48c9kb5va1mgorsf35gr39gu0tg8a6umr0rcdrgmasmmtbqvqm0dqa086bn3od07mpc11b65so62c1atrr3cgemaha1
1
but when on https
page1
326o42a9pblv48c9kb5va1mgorsf35gr39gu0tg8a6umr0rcdrgmasmmtbqvqm0dqa086bn3od07mpc11b65so62c1atrr3cgemaha1
1
page2
326o42a9pblv48c9kb5va1mgorsf35gr39gu0tg8a6umr0rcdrgmasmmtbqvqm0dqa086bn3od07mpc11b65so62c1atrr3cgemaha1
the 1 is gone. the problem is i want to share a session from page test to page test2.
edit* here is my sessions class
class Sessions {
private $config;
public function set($key, $value) {
if (isset ( $_SESSION [$key] )) {
return false;
}
if (! isset ( $_SESSION [$key] )) {
$_SESSION [$key] = $value;
return true;
}
}
public function get($key) {
if (! isset ( $_SESSION [$key] )) {
return false;
}
if (isset ( $_SESSION [$key] )) {
return $_SESSION [$key];
}
}
public function del($key) {
if (! isset ( $_SESSION [$key] )) {
return false;
}
if (isset ( $_SESSION [$key] )) {
unset ( $_SESSION [$key] );
return true;
}
}
public function flush() {
// do we still need this?
$_SESSION = array ();
session_destroy ();
$this->refresh ();
}
public function refresh() {
session_regenerate_id ( true );
}
function __construct() {
$this->config = config ( 'sessions' );
# doing some importing things
ini_set ( 'session.cookie_httponly', $this->config ['cookie_httponly'] );
ini_set ( 'session.gc_probability', $this->config ['gc_probability'] );
ini_set ( 'session.gc_divisor', $this->config ['gc_divisor'] );
ini_set ( 'session.hash_function', $this->config ['hash_function'] );
ini_set ( 'session.gc_maxlifetime', $this->config ['gc_maxlifetime'] );
# start the engine
session_start ();
}
}
the config
$config['sessions'] = array(
'gc_probability' => '0',
'gc_divisor' => '100',
# 'cookie_domain' => 'www.networks.co.id',
# http://us2.php.net/manual/en/session.configuration.php
'cookie_httponly' => FALSE,
# SHA512
'hash_function' => 'SHA512',
'gc_maxlifetime' => '1800'
);
Thanks for looking in
Adam Ramadhan
I have a feeling you might be using PHP with Suhosin patch, isn't it the case?
If so, check this flag in your settings:
This basically tells the server, that the session key depends on document root, which get's changed when you switch http to https.
edit: You should have this set to Off in you php.ini, or in case of using multiple ini files, like in debian, there is probably file like suhosin.ini in conf.d subdirectory, where php.ini resides. Not sure, whether it's possible to change this setting through ini_set()
On unrelated note, are you sure, that you want to set gc_probability to 0? That effectively disables session garbage collection.