当前位置:Gxlcms > PHP教程 > IIS7,IIS7.5在高版本IE下丢失session,每次刷新页面,都会生成新的sessionID

IIS7,IIS7.5在高版本IE下丢失session,每次刷新页面,都会生成新的sessionID

时间:2021-07-01 10:21:17 帮助过:13人阅读

测试脚本为php,IE版本为ie9,其它内核浏览器ff,chrome,safari下都没有这个问题。
发现这个问题的时候,是做了一个登录页,使用$_SESSION来判断,ie就是登不上去,其它浏览器没问题。

后来测试了一下print session_id();ie下每次刷新页面的值都不一样,打开d:\tmp\session(这是php.ini里面设置的session存储位置),每次刷新增加一个session文件,当然这在其它浏览器下也不存在。

后来嘛,临时做了个解决方案,就是在php页面里设置一个cookie

session_start();
setcookie('PHPSESSID',session_id());

算是临时解决了,但是……蛋还是继续的疼下去了,服务器(win2008 x86 iis7 fastcgi php5.2.17nts)上放了一个drupal,经常有人反应登陆不了,不用猜,肯定是用IE登不上,这事烦恼的我啊,我可不想去改drupal... 反正几个月以来,都在找答案。

现在,答案已经没那么重要了,只希望有解决办法,请各位走过路过的朋友们,给点您的经验,帮帮我这迷途的羔羊。。

顺便提一下,在寻找答案的路上,找到了一个和我一样问题的人,但是解决方案我没搞明白,因为可以肯定的是,我的域名没有下划线。。http://forums.iis.net/t/1150171.aspx 请看得明白这个帖子的朋友,也给指点一下。

附上抓包数据(隐去了域名):
IE下:

GET /index.php HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Connection: Keep-Alive
Cookie: has_js=1

HTTP/1.1 200 OK
Cache-Control: public, max-age=600
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:54:19 +0000
ETag: "1376286859-0"
Vary: Cookie
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:54:37 GMT
Connection: keep-alive
Content-Length: 9829


POST /?q=front-page&destination=front-page HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://***.***.cn/index.php
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Content-Length: 129
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: has_js=1


HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 06:02:32 +0000
ETag: "1376287352"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=S2CFFREDq47DBALxDLxlCVzhqnI98MMm4yHPY_k7dho; expires=Wed, 04-Sep-2013 09:35:57 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 06:02:37 GMT
Connection: keep-alive
Content-Length: 155

firefox下:

GET /index.php HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
If-Modified-Since: Mon, 12 Aug 2013 05:56:10 +0000
If-None-Match: "1376286970"

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:56:51 +0000
ETag: "1376287011"
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:56:56 GMT
Connection: keep-alive
Content-Length: 18842

POST /?q=front-page&destination=front-page HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://***.***.cn/
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 129

HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:59:42 +0000
ETag: "1376287182"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=DjNRVBdGXEVPumZnszKG9U8bAP0dHqx5wp8jFhJV81U; expires=Wed, 04-Sep-2013 09:33:07 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:59:47 GMT
Connection: keep-alive
Content-Length: 155

回复内容:

测试脚本为php,IE版本为ie9,其它内核浏览器ff,chrome,safari下都没有这个问题。
发现这个问题的时候,是做了一个登录页,使用$_SESSION来判断,ie就是登不上去,其它浏览器没问题。

后来测试了一下print session_id();ie下每次刷新页面的值都不一样,打开d:\tmp\session(这是php.ini里面设置的session存储位置),每次刷新增加一个session文件,当然这在其它浏览器下也不存在。

后来嘛,临时做了个解决方案,就是在php页面里设置一个cookie

session_start();
setcookie('PHPSESSID',session_id());

算是临时解决了,但是……蛋还是继续的疼下去了,服务器(win2008 x86 iis7 fastcgi php5.2.17nts)上放了一个drupal,经常有人反应登陆不了,不用猜,肯定是用IE登不上,这事烦恼的我啊,我可不想去改drupal... 反正几个月以来,都在找答案。

现在,答案已经没那么重要了,只希望有解决办法,请各位走过路过的朋友们,给点您的经验,帮帮我这迷途的羔羊。。

顺便提一下,在寻找答案的路上,找到了一个和我一样问题的人,但是解决方案我没搞明白,因为可以肯定的是,我的域名没有下划线。。http://forums.iis.net/t/1150171.aspx 请看得明白这个帖子的朋友,也给指点一下。

附上抓包数据(隐去了域名):
IE下:

GET /index.php HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Connection: Keep-Alive
Cookie: has_js=1

HTTP/1.1 200 OK
Cache-Control: public, max-age=600
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:54:19 +0000
ETag: "1376286859-0"
Vary: Cookie
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:54:37 GMT
Connection: keep-alive
Content-Length: 9829


POST /?q=front-page&destination=front-page HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://***.***.cn/index.php
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Content-Length: 129
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: has_js=1


HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 06:02:32 +0000
ETag: "1376287352"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=S2CFFREDq47DBALxDLxlCVzhqnI98MMm4yHPY_k7dho; expires=Wed, 04-Sep-2013 09:35:57 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 06:02:37 GMT
Connection: keep-alive
Content-Length: 155

firefox下:

GET /index.php HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
If-Modified-Since: Mon, 12 Aug 2013 05:56:10 +0000
If-None-Match: "1376286970"

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:56:51 +0000
ETag: "1376287011"
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:56:56 GMT
Connection: keep-alive
Content-Length: 18842

POST /?q=front-page&destination=front-page HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://***.***.cn/
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 129

HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:59:42 +0000
ETag: "1376287182"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=DjNRVBdGXEVPumZnszKG9U8bAP0dHqx5wp8jFhJV81U; expires=Wed, 04-Sep-2013 09:33:07 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:59:47 GMT
Connection: keep-alive
Content-Length: 155

自己给自己结贴,终于发现问题出在哪里了,这真的是我的错。
因为我把php.ini里面的一个变量:session.cookie_path的意思理解错了,填成d:\tmp,所以大家都没法登陆进去。现在改成空,已经正常了。

补充一下:
session.cookie_path 是指 session 生效的网站域;
session.save_path 是指存储 session 临时文件的路径。

人气教程排行