laravel 4.2在重定向时重新生成会话

Posted

技术标签:

【中文标题】laravel 4.2在重定向时重新生成会话【英文标题】:laravel 4.2 regenrating session on redirect 【发布时间】:2017-08-29 11:36:38 【问题描述】:

我有一个 laravel 4.2 版,它在登录部分的 php 5.4,5.5 中运行良好。但是当我切换到 5.6.23 时,它开始生成多个会话。我从 auth::attempt 获得了成功,但在重定向到仪表板之后一切都消失了,没有任何季节。我已经检查了会话文件夹,会话存在,但是重定向后又生成了 2-3 个会话。

<?php

返回数组(

/*
|--------------------------------------------------------------------------
| Default Session Driver
|--------------------------------------------------------------------------
|
| This option controls the default session "driver" that will be used on
| requests. By default, we will use the lightweight native driver but
| you may specify any of the other wonderful drivers provided here.
|
| Supported: "file", "cookie", "database", "apc",
|            "memcached", "redis", "array"
|
*/

'driver' => 'file',

/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/

'lifetime' => 120,

'expire_on_close' => false,

/*
|--------------------------------------------------------------------------
| Session File Location
|--------------------------------------------------------------------------
|
| When using the native session driver, we need a location where session
| files may be stored. A default has been set for you but a different
| location may be specified. This is only needed for file sessions.
|
*/

'files' => storage_path().'/sessions',

/*
|--------------------------------------------------------------------------
| Session Database Connection
|--------------------------------------------------------------------------
|
| When using the "database" or "redis" session drivers, you may specify a
| connection that should be used to manage these sessions. This should
| correspond to a connection in your database configuration options.
|
*/

'connection' => null,

/*
|--------------------------------------------------------------------------
| Session Database Table
|--------------------------------------------------------------------------
|
| When using the "database" session driver, you may specify the table we
| should use to manage the sessions. Of course, a sensible default is
| provided for you; however, you are free to change this as needed.
|sessions
*/

'table' => 'sessions',

/*
|--------------------------------------------------------------------------
| Session Sweeping Lottery
|--------------------------------------------------------------------------
|
| Some session drivers must manually sweep their storage location to get
| rid of old sessions from storage. Here are the chances that it will
| happen on a given request. By default, the odds are 2 out of 100.
|
*/

'lottery' => array(2, 100),

/*
|--------------------------------------------------------------------------
| Session Cookie Name
|--------------------------------------------------------------------------
|
| Here you may change the name of the cookie used to identify a session
| instance by ID. The name specified here will get used every time a
| new session cookie is created by the framework for every driver.
|myapp_session
*/

'cookie' => 'myapp_session',

/*
|--------------------------------------------------------------------------
| Session Cookie Path
|--------------------------------------------------------------------------
|
| The session cookie path determines the path for which the cookie will
| be regarded as available. Typically, this will be the root path of
| your application but you are free to change this when necessary.
|
*/

'path' => '/',

/*
|--------------------------------------------------------------------------
| Session Cookie Domain
|--------------------------------------------------------------------------
|
| Here you may change the domain of the cookie used to identify a session
| in your application. This will determine which domains the cookie is
| available to in your application. A sensible default has been set.
|
*/

'domain' => '',

/*
|--------------------------------------------------------------------------
| HTTPS Only Cookies
|--------------------------------------------------------------------------
|
| By setting this option to true, session cookies will only be sent back
| to the server if the browser has a HTTPS connection. This will keep
| the cookie from being sent to you if it can not be done securely.
|
*/

'secure' => false,

);

我的表单操作处理程序

  public function verify()

    $username = Input::get('username');
    $password = Input::get('password');
    if (!User::count()) 
        $user = new User;
        $user->username = Input::get('username');
        $user->password = $user->password = Hash::make(Input::get('password'));
        $user->save();
        return Redirect::to('/admin/login');
     else 
        if (Auth::attempt(array('username' => $username, 'password' => $password))) 

            Session::put('username', $username);
            if (Session::has('pre_admin_login_url')) 
                $url = Session::get('pre_admin_login_url');
                Session::forget('pre_admin_login_url');
                return Redirect::to($url);
             else 

                return Redirect::to('/admin/dashboard')->with('notify','installation Notification');
            
         else 
            return Redirect::to('/admin/login?error=1');
        
    


我尝试更改所有这些值,已经检查了 php 的任何起始标记中没有空格或换行 .. 请帮助我不想升级整个项目版本.. 谢谢

【问题讨论】:

最后我自己解决了..在 RND 16 小时后(我是 laraval 的新手)。我发现你必须停止在这个函数中为会话创建新 id ..protected function generateSessionId() //return sha1(uniqid('', true).str_random(25).microtime(true));返回 md5('sunny_fixed_issue');路径:vendor\laravel\framework\src\Illuminate\Session\Store.php.......至少它解决了我的问题。希望对你也有帮助 【参考方案1】:

我遇到了同样的问题,我也解决了它,在这些文件的末尾也删除了空格和行。

【讨论】:

【参考方案2】:

我很久以前就遇到过这个问题。经过几天的搜索,我发现 Laravel generateSessionId function when it comes to php 5.6.23 存在问题。你可以在这里找到这个方法 crm/vendor/laravel/framework/src/Illuminate/Session/Store.php.. line :171

protected function generateSessionId()
    
//      return sha1(uniqid('', true).str_random(25).microtime(true));
            return md5('Getpikk');
    

这就是我为解决我的问题所做的。希望对你也有帮助。。

【讨论】:

以上是关于laravel 4.2在重定向时重新生成会话的主要内容,如果未能解决你的问题,请参考以下文章

Auth::user 不会在重定向时保留

Undertow (JBoss 7) 在重定向时破坏/重新编码 URL 编码的参数

重定向页面时 Laravel Auth 会话丢失

重定向到外部网站时,Laravel 会话不持久

会话范围和 jsf 重定向

重定向后不保留会话数据