問題描述

我的網站上有一個使用 CakePHP 的身份驗證系統.為此，它使用了 PHP 會話.

I have an authentication system on my site using CakePHP. It uses PHP Sessions for this.

我有一個 AJAX 調用(在每分鐘運行一次的 setInterval 內)到一個檢查用戶是否仍然登錄的函數.如果它返回 false，那么 Javascript 將獲取當前 URL 并嘗試重定向它們，這又會將它們重定向到登錄頁面.從理論上講，這是有效的，因為它主動要求用戶重新登錄，而不是舉行一個陳舊的會話，這只會要求他們在點擊某物后立即登錄.我的問題是我的 AJAX 調用使會話保持活動狀態.所以永遠不要退出(我們不想要)

What i have in place is an AJAX call (within a setInterval running every minute) to a function which checks if the user is still logged in. If it returns false, then the Javascript takes the current URL and attempts to redirect them, which in turn redirects them to the login page. In theory this works because it actively asks the user to re-login instead of holding a stale session which will just ask them to login as soon as they click something. My problem is that my AJAX call is keeping the session alive. So never get logged out (which we don't want)

我可以在 CakePHP 中做些什么或我可以使用任何其他方法來阻止這種情況發生嗎?

Is there ANYTHING i can do within CakePHP or any other methods i can use to stop this happening?

推薦答案

當您檢查會話的有效性時，將 &ajax=(任何內容)添加到查詢字符串中.

Add &ajax= (anything) to the query string when you're checking for the validity of the session.

>

然后，更改您的 PHP 會話代碼:

Then, alter your PHP session code:

session_start();
if(!isset($_GET["ajax"])) $_SESSION["lastactivity"] = time();
if(now() - $_SESSION["lastactivity"] > 3600){ //3600 seconds
    header("Location: login.php?url="+urlencode(str_replace("&ajax=", "", $_SERVER["REQUEST_URI"])));
    //Example:
    // Location: login.php?url=/sensible/secret.php?mode=show&hide=nothing
    exit;
}

這篇關于如何停止 AJAX 調用以保持 PHP 會話處于活動狀態的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！