小贝子编程

为什么PHP会话本身似乎被清空了



我正在建立一个网站,我有两个页面,一个用于登录,另一个用于上传文件。

当用户登录时,我将从数据库中获取的该用户的ID设置到$_SESSION变量中,当用户转到第二个页面时,他可以上传文件,对该文件的引用和ID将存储到数据库中。

我的前端btw位于一个完全不同的域上,所以当用户上传文件时,$_SESSION变量将为空,我该如何解决?

example.com上的PHP检查登录页面

<?php 
session_start();
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400');    // cache for 1 day
}
$a = headers_list();
require "Connessione.php";
$connessione = new Connessione();
$ris = $connessione->getUtente($_POST['id']);
if($risposta['esisteGia'])
{
$_SESSION['ID'] = $ris[0]['IDUtente'];
$_SESSION['Tipo'] = $ris[0]['Ruolo'];
}

echo json_encode($risposta);
?>

example2.com上用ReactJS编写的登录前端

const esisteGia = () => {
async function controllaCheEsistaGia() {
let udid = "123";
let data = new FormData();
data.append("id", udid);
let risposta = await fetch(
"https://example.com/checkLogin.php",
{
method: "POST",
body: data,
credentials: "include"
}
);
risposta = await risposta.json();
console.log(risposta);
}
controllaCheEsistaGia();
};

此时,$_SESSION被设置。

在example.com上传文件.php

session_start();
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400');    // cache for 1 day
}
if(!isset($_SESSION['ID'])). //Here the session is now empty again
{
header("Location: {$_SERVER['HTTP_ORIGIN']}/Login");
die();
}
header('Content-Type: application/json; charset=utf-8');

$filePDF = $_FILES['pdfDaCaricare']['tmp_name']; //Also the $_FILES is not set, and I don't know why

example2.com/uploadFile

const caricaFile = async e => {
const fd = new FormData();
fd.append("pdfDaCaricare", file);

await axios.post(
"example.com/uploadFile.php"
fd,
{
method: "POST",
credentials: "include",
headers: {
"content-type": "multipart/form-data"
},
onUploadProgress: function(progressEvent) {
let percentCompleted = Math.round(
(progressEvent.loaded * 100) / progressEvent.total
);
document.getElementById("percentuale").innerText = percentCompleted;
}
}
);
};

即使在localhost中,这也不起作用

会话Cookie只适用于一个域,因此可能甚至https://example.com/checkLogin.php会议会有问题。

也许可以使用不同的消息来验证您的用户。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium