我正在进行一个项目,客户将获得自己的模板网站。他们将获得自己的免费子域,默认情况下这将是http,示例如下。
http://www.jess-jewels.mytreatments.co.uk/info.phphttps://www.jess-jewels.mytreatments.co.uk/info.php
在安全链接上,您将看到cookie PHPSSID设置正确,会话id始终保持不变。
在非安全链接上,页面加载时会发生变化,并且浏览器中没有设置PHPSSID cookie,不确定原因。
PHP会话信息:
Registered save handlers files user
Registered serializer handlers php_serialize php php_binary wddx
Directive Local Value Master Value
session.auto_start Off Off
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file /dev/urandom /dev/urandom
session.entropy_length 32 32
session.gc_divisor 0 0
session.gc_maxlifetime 2880 2880
session.gc_probability 0 0
session.hash_bits_per_character 5 5
session.hash_function 0 0
session.lazy_write On On
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path /var/cpanel/php/sessions/ea-php70 /var/cpanel/php/sessions/ea-php70
session.serialize_handler php php
session.upload_progress.cleanup On On
session.upload_progress.enabled On On
session.upload_progress.freq 1% 1%
session.upload_progress.min_freq 1 1
session.upload_progress.name PHP_SESSION_UPLOAD_PROGRESS PHP_SESSION_UPLOAD_PROGRESS
session.upload_progress.prefix upload_progress_ upload_progress_
session.use_cookies On On
session.use_only_cookies On On
session.use_strict_mode Off Off
session.use_trans_sid 0 0```
最终通过覆盖cookie使其工作:
session_start();
$params = session_get_cookie_params();
setcookie("PHPSESSID", session_id(), 0, $params["path"], $params["domain"],
false, // this is the secure flag you need to set. Default is false.
true // this is the httpOnly flag you need to set
);