I use OAuth to authenticate at an external website. Everything is okay but the session variable misses after redirecting from external websites.
我使用OAuth在外部网站上进行身份验证。一切都很好,但会话变量在从外部网站重定向后丢失。
Summary: I store a session var in my website then go to login page of other website. After logging in and confirming, it redirects to my callback, when I check the previous session var, it misses! How to fix it?
简介:我在我的网站上存储会话var然后转到其他网站的登录页面。登录并确认后,它会重定向到我的回调,当我检查上一个会话var时,它会错过!怎么解决?
I tried to call session_start() everywhere I use session but it doesn't work. Of course I enabled session in "php.ini" and enabled cookie in browser. :) I debugged but can't find the reason out.
我尝试在使用会话的任何地方调用session_start(),但它不起作用。当然我在“php.ini”中启用了会话并在浏览器中启用了cookie。 :)我调试但找不到原因。
Update: After storing my session var, I do a request like this: http://mixi.jp/connect_authorize.pl?oauth_callback=http%3A%2F%2Fmypage.com%2Fcallback.php&oauth_token=fjdklsfjlksd
更新:存储我的会话var之后,我做了这样的请求:http://mixi.jp/connect_authorize.pl ?oauth_callback = http%3A%2F%2Fmypage.com%2Fcallback.php&oauth_token=fjdklsfjlksd
Note the oauth_callback, it is the redirect URL. I don't know what mixi.jp use to redirect.
注意oauth_callback,它是重定向URL。我不知道mixi.jp用于重定向。
2 个解决方案
#1
3
Make sure your site's domain is 100% identical before and after the redirection.
确保您的网站在重定向之前和之后100%完全相同。
Note that
www.yoursite.com
and
yoursite.com
are two different sites cookie-wise.
是两个不同的网站cookie。
#2
1
The session id is stored in a cookie. The cookie is send in every page of the domain you registered in. Whe you jump to another domain, your cookie with the session id is not send. You must pass the session id to your new domain and then create a new cookie in this domain with the session id.
会话ID存储在cookie中。 cookie将在您注册的域的每个页面中发送。当您跳转到另一个域时,您的cookie不会发送会话ID。您必须将会话ID传递给新域,然后使用会话ID在此域中创建新cookie。
header('Location:redirect.php?session=' . session_id());
And then in the redirected page restore the session
然后在重定向页面中恢复会话
<?php
session_id($_GET['session']);
session_start();
#1
3
Make sure your site's domain is 100% identical before and after the redirection.
确保您的网站在重定向之前和之后100%完全相同。
Note that
www.yoursite.com
and
yoursite.com
are two different sites cookie-wise.
是两个不同的网站cookie。
#2
1
The session id is stored in a cookie. The cookie is send in every page of the domain you registered in. Whe you jump to another domain, your cookie with the session id is not send. You must pass the session id to your new domain and then create a new cookie in this domain with the session id.
会话ID存储在cookie中。 cookie将在您注册的域的每个页面中发送。当您跳转到另一个域时,您的cookie不会发送会话ID。您必须将会话ID传递给新域,然后使用会话ID在此域中创建新cookie。
header('Location:redirect.php?session=' . session_id());
And then in the redirected page restore the session
然后在重定向页面中恢复会话
<?php
session_id($_GET['session']);
session_start();