搜索
搜索

有关非法字符,空会话ID和会话失败的session_start()问题

Ryflex 发表于 Dev
24
雷弗斯

因此,我意识到这是一个重复的问题,但是,它显然是一个错误,但其原始帖子已有5年历史,但也有人说这是一次恶意攻击...会话ID太长或包含非法字符,有效字符是az,AZ,0-9和“-”

解决此问题的最新正确方法是什么?

我的错误日志显示:

[2015年9月30日10:12:37 UTC] PHP警告:session_start():会话ID太长或包含非法字符,有效字符为/ home /中的az,AZ,0-9和“-”第27行的ACCOUNT / public_html / wp-content / plugins / wl-coupon / wishlist-coupon20.php

[2015年9月30日10:12:37 UTC] PHP警告:session_start():在第21行的/home/ACCOUNT/public_html/wp-content/plugins/cusplugin/cusplugin.php中无法启动具有空会话ID的会话

[2015年9月30日10:12:37 UTC] PHP警告:session_start():无法在第377行的/home/ACCOUNT/public_html/wp-content/plugins/cusplugin/cusplugin.php中以空会话ID启动会话

[2015年9月30日10:12:37 UTC] PHP警告:session_start():无法在第718行的/home/ACCOUNT/public_html/wp-content/plugins/cusplugin/cusplugin.php中以空会话ID启动会话

[2015年9月30日10:12:50 UTC] PHP警告:未知:会话ID太长或包含非法字符,有效字符为第0行中“未知”中的az,AZ,0-9和“-”

[2015年9月30日10:12:50 UTC] PHP警告:未知:无法写入会话数据(文件)。请在第0行的Unknown中验证session.save_path的当前设置正确(/ tmp)

我的完整日志:

[30-Sep-2015 10:12:37 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[30-Sep-2015 10:12:37 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[30-Sep-2015 10:12:37 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[30-Sep-2015 11:12:37 Europe/London] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 718
[30-Sep-2015 11:12:37 Europe/London] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[30-Sep-2015 10:12:49 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[30-Sep-2015 10:12:50 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[30-Sep-2015 10:12:50 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[30-Sep-2015 10:12:50 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[30-Sep-2015 10:12:50 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[30-Sep-2015 10:12:50 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[30-Sep-2015 10:12:50 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[30-Sep-2015 10:12:50 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[30-Sep-2015 10:12:51 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 718
[30-Sep-2015 10:12:51 UTC] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[30-Sep-2015 10:12:53 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[30-Sep-2015 10:12:53 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[30-Sep-2015 10:12:53 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[30-Sep-2015 10:12:53 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[30-Sep-2015 10:12:53 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[30-Sep-2015 10:13:04 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[30-Sep-2015 10:13:04 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[30-Sep-2015 10:13:04 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[30-Sep-2015 10:13:04 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 718
[30-Sep-2015 10:13:04 UTC] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[01-Oct-2015 04:47:21 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[01-Oct-2015 04:47:21 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[01-Oct-2015 04:47:21 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[01-Oct-2015 04:47:21 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[01-Oct-2015 04:47:21 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[01-Oct-2015 05:47:22 Europe/London] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[01-Oct-2015 05:47:22 Europe/London] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[01-Oct-2015 04:47:22 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[01-Oct-2015 04:47:22 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 718
[01-Oct-2015 04:47:22 UTC] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[01-Oct-2015 04:47:24 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[01-Oct-2015 04:47:24 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 377
[01-Oct-2015 04:47:24 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[01-Oct-2015 04:47:24 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[01-Oct-2015 04:47:24 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[01-Oct-2015 23:10:23 UTC] PHP Warning:  in_array() expects parameter 2 to be array, null given in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 492
[01-Oct-2015 23:11:15 UTC] PHP Warning:  in_array() expects parameter 2 to be array, null given in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 492[02-Oct-2015 08:59:42 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[02-Oct-2015 08:59:42 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[02-Oct-2015 08:59:42 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[02-Oct-2015 09:59:42 Europe/London] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 739
[02-Oct-2015 09:59:42 Europe/London] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[02-Oct-2015 08:59:44 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[02-Oct-2015 08:59:45 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[02-Oct-2015 08:59:45 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[02-Oct-2015 08:59:45 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[02-Oct-2015 08:59:45 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[02-Oct-2015 08:59:46 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[02-Oct-2015 08:59:46 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[02-Oct-2015 08:59:46 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[02-Oct-2015 08:59:46 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 739
[02-Oct-2015 08:59:46 UTC] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[02-Oct-2015 08:59:52 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[02-Oct-2015 08:59:52 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[02-Oct-2015 08:59:52 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[02-Oct-2015 08:59:52 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[02-Oct-2015 08:59:52 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[03-Oct-2015 04:51:46 UTC] PHP Warning:  require(ABSPATHwp-includes/load.php): failed to open stream: No such file or directory in /home/HOSTINGACCOUNT/public_html/wp-settings.php on line 21
[03-Oct-2015 04:51:46 UTC] PHP Warning:  require(ABSPATHwp-includes/load.php): failed to open stream: No such file or directory in /home/HOSTINGACCOUNT/public_html/wp-settings.php on line 21
[03-Oct-2015 04:51:46 UTC] PHP Fatal error:  require(): Failed opening required 'ABSPATHwp-includes/load.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/HOSTINGACCOUNT/public_html/wp-settings.php on line 21
[03-Oct-2015 08:09:48 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[03-Oct-2015 08:09:48 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[03-Oct-2015 08:09:48 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[03-Oct-2015 09:09:49 Europe/London] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 727
[03-Oct-2015 09:09:49 Europe/London] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[03-Oct-2015 08:09:52 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[03-Oct-2015 08:09:52 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[03-Oct-2015 08:09:52 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[03-Oct-2015 08:09:52 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[03-Oct-2015 08:09:52 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
[03-Oct-2015 08:09:55 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[03-Oct-2015 08:09:55 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[03-Oct-2015 08:09:55 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[03-Oct-2015 08:09:55 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 727
[03-Oct-2015 08:09:55 UTC] PHP Fatal error:  Call to a member function check_connection() on a non-object in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/simple-press/sp-api/sp-api-wpdb.php on line 439
[03-Oct-2015 08:09:57 UTC] PHP Warning:  session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/wl-coupon/wishlist-coupon20.php on line 27
[03-Oct-2015 08:09:57 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 385
[03-Oct-2015 08:09:57 UTC] PHP Warning:  session_start(): Cannot start session with empty session ID in /home/HOSTINGACCOUNT/public_html/wp-content/plugins/customplugin/customplugin.php on line 21
[03-Oct-2015 08:09:57 UTC] PHP Warning:  Unknown: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0
[03-Oct-2015 08:09:57 UTC] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0

正如您所看到的那样,它们似乎都是成组发生的,只需看看9月30日,它就会在一分钟之内发生很多次,而一天中的其余时间都不会发生...

它为自定义插件,简单的新闻论坛(我认为)和愿望清单优惠券2.0引发了sessionid问题

我的自定义插件代码具有:

if(!session_id()) {
    session_start();
}

我从下面尝试了选项2,但没有帮助/解决问题。

导致某些错误的其他WordPress插件的摘要:

class WishListCoupon20 extends WishListPlugin {
    public function __construct($file, $slug, $sku, $name, $link_name, $prefix, $require_wlm) {
        parent::__construct($file, $slug, $sku, $name, $link_name, $prefix, $require_wlm);

        session_start();

另一个堆栈溢出帖子具有一些变通方法,可解决此问题,但我不确定什么是正确的,因为该帖子已有5年以上的历史了,您可能希望在那时修复一个错误。

选项1感谢Sergey Eremin:

<?php
    function my_session_start()
    {
        if (ini_get('session.use_cookies') && isset($_COOKIE['PHPSESSID'])) {
            $sessid = $_COOKIE['PHPSESSID'];
        } elseif (!ini_get('session.use_only_cookies') && isset($_GET['PHPSESSID'])) {
            $sessid = $_GET['PHPSESSID'];
        } else {
            session_start();
            return false;
        }

        if (!preg_match('/^[a-z0-9]{32}$/', $sessid)) {
            return false;
        }
        session_start();

        return true;
    }
?>

选项2感谢danjfoley:

try {
   session_start();
} catch(ErrorExpression $e) {
   session_regenerate_id();
   session_start();
}

选项3感谢Cendak(使用Andron先前的解决方案)

function my_session_start()
{
      $sn = session_name();
      if (isset($_COOKIE[$sn])) {
          $sessid = $_COOKIE[$sn];
      } else if (isset($_GET[$sn])) {
          $sessid = $_GET[$sn];
      } else {
          return session_start();
      }

     if (!preg_match('/^[a-zA-Z0-9,\-]{22,40}$/', $sessid)) {
          return false;
      }
      return session_start();
}

if ( !my_session_start() ) {
    session_id( uniqid() );
    session_start();
    session_regenerate_id();
}

选项4感谢Andron:

<?php
    function my_session_start()
    {
        $sn = session_name();
        if (isset($_COOKIE[$sn])) {
            $sessid = $_COOKIE[$sn];
        } else if (isset($_GET[$sn])) {
            $sessid = $_GET[$sn];
        } else {
            session_start();
            return false;
        }

       if (!preg_match('/^[a-zA-Z0-9,\-]{22,40}$/', $sessid)) {
            return false;
        }
        session_start();

       return true;
    }
?>

选项5感谢alpere:

$ok = @session_start();
if(!$ok){
session_regenerate_id(true); // replace the Session ID
session_start(); 
}

或者,还有更好的方法。

佩德罗·洛比托

问题:

session_start()依靠$_COOKIE[session_name()],因此,如果您将cookie值编辑为类似#$#$FDSFSR#"#"$"#$"或只是将其清空(不删除cookie)并使用代码刷新页面:

if (!session_id()) {
    session_start();
}

生成以下警告:

PHP警告:session_start():会话ID太长或包含非法字符,有效字符为第7行/home/username/public_html/session_start.php中的az,AZ,0-9和'-'。

发生这种情况是因为php正在检查是否session_id()存在,实际上,它是否存在,但是包含不允许用作session_id名称的非法字符

有效 session id可含有数字,字母A到Z(大写和小写),逗号和破折号([-,a-zA-Z0-9]之间)1128个字符。

我的解决方案:

检查是否$_COOKIE[session_name()]设置了,并且session_id在之前包含有效的session_start(),否则,请删除会话cookie,然后再删除session_start(),例如:

function safeSession() {
    if (isset($_COOKIE[session_name()]) AND preg_match('/^[-,a-zA-Z0-9]{1,128}$/', $_COOKIE[session_name()])) {
        session_start();
    } elseif (isset($_COOKIE[session_name()])) {
        unset($_COOKIE[session_name()]);
        session_start(); 
    } else {
        session_start(); 
    }
}

开始会议:

safeSession();

笔记:

1-session_name在您的上定义php.inisession.name = SOMETHING(默认值为PHPSESSID),因此,您可能正在寻找与匹配的Cookie session.name您可以使用该session_name()函数来检索它。

2-如果设置了会话cookie操作,黑客可以使用它们从服务器(usernamepath)中转储信息ini_set('display_errors', 1);

3-session_regenerate_id(true)有效,但是因为它session_id在分配新的电流之前先检查电流,所以会生成警告。

4-我用几个无效的会话名称测试了代码,没有错误或警告生成,一切正常。

参考文献:

session.c源代码

本文收集自互联网,转载请注明来源。

如有侵权,请联系 [email protected] 删除。

编辑于
0

我来说两句

0 条评论
登录 后参与评论

相关文章

session_start():无法解码会话对象

session_start():在 Yii2 中读取会话数据失败:redis(路径:tcp://127.0.0.1:6380)?

Yii2 - session_start(): 找不到保存处理程序'memcached' - 会话启动失败

警告:session_start():找不到保存处理程序 's' - 会话启动失败

查找有关Firefox的会话信息

session_start()每次刷新都会创建新的会话,没有警告

有什么方法可以从oracle中的gv $ session获取有关当前会话的信息?

PHP session_start 不接触会话文件

C#HttpClient Cookie和会话ID问题

了解Spring Bean范围与Spring Web流会话范围有关的问题

修复有关会话用户只能发送一个图像文件的问题

有关ASP.NET中会话的要点

警告:session_destroy():试图销毁未初始化的会话[session_start() used]

购物车和会话ID

Dialogflow Beta 集成和会话 ID

Perl 检索 Unix 会话 ID 和会话领导者

session_start():会话数据文件不是由您的uid创建的

PHP形式session_start():无法发送会话缓存限制器

会话和会话工厂在休眠

警告:session_start():无法发送会话缓存限制器 - 即使在使用 session_start() 和 ob_start() 后,标头也已发送

警告:session_start():无法发送会话cookie-已发送的标头(但:本地主机上没有错误)

警告:session_regenerate_id():会话对象销毁失败

RESTful令牌和会话

PHP,nodeJS和会话

CodeIgniter 3和会话

MVC路由和会话

登录和会话PHP

Ajax和会话

Winform和会话超时

TOP 榜单

  1. 1

    UITableView的项目向下滚动后更改颜色,然后快速备份

  2. 2

    Linux的官方Adobe Flash存储库是否已过时?

  3. 3

    用日期数据透视表和日期顺序查询

  4. 4

    应用发明者仅从列表中选择一个随机项一次

  5. 5

    Mac OS X更新后的GRUB 2问题

  6. 6

    验证REST API参数

  7. 7

    Java Eclipse中的错误13,如何解决?

  8. 8

    带有错误“ where”条件的查询如何返回结果?

  9. 9

    ggplot:对齐多个分面图-所有大小不同的分面

  10. 10

    尝试反复更改屏幕上按钮的位置 - kotlin android studio

  11. 11

    如何从视图一次更新多行(ASP.NET - Core)

  12. 12

    计算数据帧中每行的NA

  13. 13

    蓝屏死机没有修复解决方案

  14. 14

    在 Python 2.7 中。如何从文件中读取特定文本并分配给变量

  15. 15

    离子动态工具栏背景色

  16. 16

    VB.net将2条特定行导出到DataGridView

  17. 17

    通过 Git 在运行 Jenkins 作业时获取 ClassNotFoundException

  18. 18

    在Windows 7中无法删除文件(2)

  19. 19

    python中的boto3文件上传

  20. 20

    当我尝试下载 StanfordNLP en 模型时,出现错误

  21. 21

    Node.js中未捕获的异常错误,发生调用

热门标签

归档