I have the session id of my application. now i want to get all the session variables by using this session id.
我有我的应用程序的会话ID。现在我想通过使用此会话ID获取所有会话变量。
I used <?php echo session_id()?> to get the session id but how to get all the session object values by using this session id?
我使用<?php echo session_id()?>来获取会话ID但是如何使用此会话ID获取所有会话对象值?
4 个解决方案
#1
54
According to php.net: There are several ways to leak an existing session id to third parties. A leaked session id enables the third party to access all resources which are associated with a specific id. First, URLs carrying session ids. If you link to an external site, the URL including the session id might be stored in the external site's referrer logs. Second, a more active attacker might listen to your network traffic. If it is not encrypted, session ids will flow in plain text over the network. The solution here is to implement SSL on your server and make it mandatory for users.
根据php.net:有几种方法可以将现有会话ID泄露给第三方。泄露的会话ID使第三方能够访问与特定id相关联的所有资源。首先,携带会话ID的URL。如果链接到外部站点,则包含会话ID的URL可能存储在外部站点的引用者日志中。其次,更活跃的攻击者可能会收听您的网络流量。如果未加密,则会话ID将通过网络以纯文本形式传输。这里的解决方案是在您的服务器上实现SSL并使其成为用户必需的。
This begs the question, how do you have the session ID but unable to access the script?
这就引出了一个问题,你如何拥有会话ID却无法访问脚本?
Regardless, you would need to set the session ID and then start it...then access the data.
无论如何,您需要设置会话ID然后启动它...然后访问数据。
session_id($whatever_id_you_have);
session_start();
echo $_SESSION['somekey'];
#2
1
$_SESSION is what you are looking for. Remember to call session_start() first. See http://php.net/session.examples.basic
$ _SESSION是您正在寻找的。记得先调用session_start()。见http://php.net/session.examples.basic
#3
1
var_dump($_SESSION); will show you the contents of the current session, you can then access the values just like you would on a normal array.
后续代码var_dump($ _ SESSION);将显示当前会话的内容,然后您可以像在普通数组上一样访问这些值。
#4
0
You can check all session value using this one..
您可以使用此选项检查所有会话值。
print_r($_SESSION);
#1
54
According to php.net: There are several ways to leak an existing session id to third parties. A leaked session id enables the third party to access all resources which are associated with a specific id. First, URLs carrying session ids. If you link to an external site, the URL including the session id might be stored in the external site's referrer logs. Second, a more active attacker might listen to your network traffic. If it is not encrypted, session ids will flow in plain text over the network. The solution here is to implement SSL on your server and make it mandatory for users.
根据php.net:有几种方法可以将现有会话ID泄露给第三方。泄露的会话ID使第三方能够访问与特定id相关联的所有资源。首先,携带会话ID的URL。如果链接到外部站点,则包含会话ID的URL可能存储在外部站点的引用者日志中。其次,更活跃的攻击者可能会收听您的网络流量。如果未加密,则会话ID将通过网络以纯文本形式传输。这里的解决方案是在您的服务器上实现SSL并使其成为用户必需的。
This begs the question, how do you have the session ID but unable to access the script?
这就引出了一个问题,你如何拥有会话ID却无法访问脚本?
Regardless, you would need to set the session ID and then start it...then access the data.
无论如何,您需要设置会话ID然后启动它...然后访问数据。
session_id($whatever_id_you_have);
session_start();
echo $_SESSION['somekey'];
#2
1
$_SESSION is what you are looking for. Remember to call session_start() first. See http://php.net/session.examples.basic
$ _SESSION是您正在寻找的。记得先调用session_start()。见http://php.net/session.examples.basic
#3
1
var_dump($_SESSION); will show you the contents of the current session, you can then access the values just like you would on a normal array.
后续代码var_dump($ _ SESSION);将显示当前会话的内容,然后您可以像在普通数组上一样访问这些值。
#4
0
You can check all session value using this one..
您可以使用此选项检查所有会话值。
print_r($_SESSION);