欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

IIS7,IIS7.5在高版本IE下丢失session,每次刷新页面,都会生成新的sessionID

程序员文章站 2022-05-31 08:46:08
...
测试脚本为php,IE版本为ie9,其它内核浏览器ff,chrome,safari下都没有这个问题。
发现这个问题的时候,是做了一个登录页,使用$_SESSION来判断,ie就是登不上去,其它浏览器没问题。

后来测试了一下print session_id();ie下每次刷新页面的值都不一样,打开d:\tmp\session(这是php.ini里面设置的session存储位置),每次刷新增加一个session文件,当然这在其它浏览器下也不存在。

后来嘛,临时做了个解决方案,就是在php页面里设置一个cookie

session_start();
setcookie('PHPSESSID',session_id());

算是临时解决了,但是……蛋还是继续的疼下去了,服务器(win2008 x86 iis7 fastcgi php5.2.17nts)上放了一个drupal,经常有人反应登陆不了,不用猜,肯定是用IE登不上,这事烦恼的我啊,我可不想去改drupal... 反正几个月以来,都在找答案。

现在,答案已经没那么重要了,只希望有解决办法,请各位走过路过的朋友们,给点您的经验,帮帮我这迷途的羔羊。。

顺便提一下,在寻找答案的路上,找到了一个和我一样问题的人,但是解决方案我没搞明白,因为可以肯定的是,我的域名没有下划线。。http://forums.iis.net/t/1150171.aspx 请看得明白这个帖子的朋友,也给指点一下。

附上抓包数据(隐去了域名):
IE下:

GET /index.php HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Connection: Keep-Alive
Cookie: has_js=1

HTTP/1.1 200 OK
Cache-Control: public, max-age=600
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:54:19 +0000
ETag: "1376286859-0"
Vary: Cookie
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:54:37 GMT
Connection: keep-alive
Content-Length: 9829


POST /?q=front-page&destination=front-page HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://***.***.cn/index.php
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Content-Length: 129
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: has_js=1


HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 06:02:32 +0000
ETag: "1376287352"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=S2CFFREDq47DBALxDLxlCVzhqnI98MMm4yHPY_k7dho; expires=Wed, 04-Sep-2013 09:35:57 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 06:02:37 GMT
Connection: keep-alive
Content-Length: 155

firefox下:

GET /index.php HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
If-Modified-Since: Mon, 12 Aug 2013 05:56:10 +0000
If-None-Match: "1376286970"

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:56:51 +0000
ETag: "1376287011"
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:56:56 GMT
Connection: keep-alive
Content-Length: 18842

POST /?q=front-page&destination=front-page HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://***.***.cn/
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 129

HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:59:42 +0000
ETag: "1376287182"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=DjNRVBdGXEVPumZnszKG9U8bAP0dHqx5wp8jFhJV81U; expires=Wed, 04-Sep-2013 09:33:07 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:59:47 GMT
Connection: keep-alive
Content-Length: 155

回复内容:

测试脚本为php,IE版本为ie9,其它内核浏览器ff,chrome,safari下都没有这个问题。
发现这个问题的时候,是做了一个登录页,使用$_SESSION来判断,ie就是登不上去,其它浏览器没问题。

后来测试了一下print session_id();ie下每次刷新页面的值都不一样,打开d:\tmp\session(这是php.ini里面设置的session存储位置),每次刷新增加一个session文件,当然这在其它浏览器下也不存在。

后来嘛,临时做了个解决方案,就是在php页面里设置一个cookie

session_start();
setcookie('PHPSESSID',session_id());

算是临时解决了,但是……蛋还是继续的疼下去了,服务器(win2008 x86 iis7 fastcgi php5.2.17nts)上放了一个drupal,经常有人反应登陆不了,不用猜,肯定是用IE登不上,这事烦恼的我啊,我可不想去改drupal... 反正几个月以来,都在找答案。

现在,答案已经没那么重要了,只希望有解决办法,请各位走过路过的朋友们,给点您的经验,帮帮我这迷途的羔羊。。

顺便提一下,在寻找答案的路上,找到了一个和我一样问题的人,但是解决方案我没搞明白,因为可以肯定的是,我的域名没有下划线。。http://forums.iis.net/t/1150171.aspx 请看得明白这个帖子的朋友,也给指点一下。

附上抓包数据(隐去了域名):
IE下:

GET /index.php HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Connection: Keep-Alive
Cookie: has_js=1

HTTP/1.1 200 OK
Cache-Control: public, max-age=600
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:54:19 +0000
ETag: "1376286859-0"
Vary: Cookie
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:54:37 GMT
Connection: keep-alive
Content-Length: 9829


POST /?q=front-page&destination=front-page HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://***.***.cn/index.php
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: ***.***.cn
Content-Length: 129
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: has_js=1


HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 06:02:32 +0000
ETag: "1376287352"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=S2CFFREDq47DBALxDLxlCVzhqnI98MMm4yHPY_k7dho; expires=Wed, 04-Sep-2013 09:35:57 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 06:02:37 GMT
Connection: keep-alive
Content-Length: 155

firefox下:

GET /index.php HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
If-Modified-Since: Mon, 12 Aug 2013 05:56:10 +0000
If-None-Match: "1376286970"

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=utf-8
Content-Language: zh-hans
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:56:51 +0000
ETag: "1376287011"
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:56:56 GMT
Connection: keep-alive
Content-Length: 18842

POST /?q=front-page&destination=front-page HTTP/1.1
Host: ***.***.cn
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://***.***.cn/
Cookie: Drupal.toolbar.collapsed=0; has_js=1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 129

HTTP/1.1 302 Redirect
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 12 Aug 2013 05:59:42 +0000
ETag: "1376287182"
Location: http://***.***.cn/?q=front-page
Server: Microsoft-IIS/7.0
X-Powered-By: PHP/5.2.17
X-Drupal-Cache: MISS
Set-Cookie: SESS6a2ee0acf5e5bd0d9cea678a1bb7540f=DjNRVBdGXEVPumZnszKG9U8bAP0dHqx5wp8jFhJV81U; expires=Wed, 04-Sep-2013 09:33:07 GMT; path=D:/tmp/cook; domain=.***.***.cn; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 12 Aug 2013 05:59:47 GMT
Connection: keep-alive
Content-Length: 155

自己给自己结贴,终于发现问题出在哪里了,这真的是我的错。
因为我把php.ini里面的一个变量:session.cookie_path的意思理解错了,填成d:\tmp,所以大家都没法登陆进去。现在改成空,已经正常了。

补充一下:
session.cookie_path 是指 session 生效的网站域;
session.save_path 是指存储 session 临时文件的路径。