无论页面重新加载如何，都保留当前会话 - Persistent the Current Session Regardless of Page Reload

Persistent the Current Session Regardless of Page Reload

本文关键字：保留会话加载新加载 | 更新日期: 2023-09-27

所以我index.php (root)该用户提交表单，它会在加载页面时重新生成session_id并存储在隐藏输入中。

在root index.php文件中输入数据后，它们被发送到一个profile page，该具有：

session_start(); // Bring in old sessionID
$sess_id = session_id();
// If no sessionID redirect back home.
if(empty($sess_id)) {
  header('Location: ../index.php');   
}
// If don't enter, then reload page, redirect back home
elseif(empty($_POST['firstNm']) || empty($_POST['lastNm'])) {
  header('Location: ../index.php');   
}
// If sessionID first send off this data inputted from ../index.php then regenerate session id and update db
else {  
  // Connect to db
  $_SERVER['DOCUMENT_ROOT'] = 'SiteRoot/';
  // Grabs a new user's : username, pass, email from default [index.php] once submitted
  require_once($_SERVER['DOCUMENT_ROOT'].'cfg/'.'dbi.php');
  require_once($_SERVER['DOCUMENT_ROOT'].'registration/'.'inituserCredentialsGrab.php');
  // After submitting original values, update new session ID in database since original was viewable via source hidden inputs
  require_once($_SERVER['DOCUMENT_ROOT'].'registration/'.'newUserSessIDInitReg.php');
}

这个文件基本上得到所有的初始输入。获取通过查看源代码可见的初始session_id...并再生它。重新生成后，它提交到数据库。

问题是，如果我去RELOAD页面，它似乎会再次重新生成 id。我该如何解决这个问题，以便无论我在当前浏览器会话期间刷新多少次，它都不会执行regenerate_id？

我会在我的新会话中存储一个 id 已经重新生成的标志，并在进入页面时进行检查。

例如：

session_start(); // Bring in old sessionID              
$sess_id = session_id();              
// If no sessionID redirect back home.              
if(empty($sess_id)) {              
  header('Location: ../index.php');                 
}              
// If don't enter, then reload page, redirect back home              
elseif(empty($_POST['firstNm']) || empty($_POST['lastNm'])) {              
  header('Location: ../index.php');                 
}              
// If sessionID first send off this data inputted from ../index.php then regenerate session id and update db              
elseif(!isset($_SESSION['already_stored'])){                
  // Connect to db              
  $_SERVER['DOCUMENT_ROOT'] = 'SiteRoot/';              
  // Grabs a new user's : username, pass, email from default [index.php] once submitted              
  require_once($_SERVER['DOCUMENT_ROOT'].'cfg/'.'dbi.php');              
  require_once($_SERVER['DOCUMENT_ROOT'].'registration/'.'inituserCredentialsGrab.php');              
  // After submitting original values, update new session ID in database since original was viewable via source hidden inputs              
  require_once($_SERVER['DOCUMENT_ROOT'].'registration/'.'newUserSessIDInitReg.php');
  $_SESSION['already_stored'] = true;
}

如果用于更新数据库的代码仍需要在每次重新加载时运行，则可以将 if 条件移动到仅围绕会话 ID 本身的重新生成。