问题
I am writing a web application that saves POSTed data to a session in one page, then redirects to another page to utilize the created session information. This was after I read that the proper way to process data and display data is to separate them into two different scripts so as not to run into a redundant $_POST data issue. That is, not to keep $_POSTing the same data to the server every page refresh.
I have a view page, index.php, and a data processing page, setDate.php. When viewing index.php, the user can choose to set $_POST['month'] and $_POST['year'] variables via an input form, and submit them to setDate to assign $_SESSION['desMonth'] and $_SESSION['desYear'] respectively.
It wasn't until I added a second (IMO redundant) session_start(); declaration on setDate.php that the code started to work the way I wanted to. Without it, it was as if index.php was ignoring setDate.php's $_SESSION[*] modifications completely.
Why do I have to define this redundant session_start(); if I already started the session (and received the PHPSESSID cookie) on the initial index.php where the $_SESSION[*] data is being used?
Here are some working code snippets:
setDate.php
<?php
require_once 'jan.php';
session_start();
//get the requested month and years to view (iterative).
if(isset($_POST['nextMonth']) && filter_var($_POST['nextMonth'], FILTER_SANITIZE_NUMBER_INT)) { //this filter only allows +- and 0-9
$_SESSION['desMonth'] += sanitizeInput($_POST['nextMonth']);
if($_SESSION['desMonth'] > 12) {
$_SESSION['desMonth'] = $_SESSION['desMonth']-12;
$_SESSION['desYear'] += 1;
}
else if($_SESSION['desMonth'] < 1) {
$_SESSION['desMonth'] = 12;
$_SESSION['desYear'] -= 1;
}
}
//get the explicit month and years to view.
if(isset($_POST['month']) && filter_var($_POST['month'], FILTER_SANITIZE_NUMBER_INT)) {
$_SESSION['desMonth'] = sanitizeInput($_POST['month']);
echo "set month";
}
if(isset($_POST['year']) && filter_var($_POST['year'], FILTER_SANITIZE_NUMBER_INT)) {
$_SESSION['desYear'] = sanitizeInput($_POST['year']);
echo "set year";
}
echo $_SESSION['desMonth'];
echo $_SESSION['desYear'];
header("Location: /");
die();
?>
Truncated index.php
<?php
session_start();
require_once 'cellUpdater.php';
$timeForDateUse = mktime(1,1,10,$_SESSION['desMonth'],1,$_SESSION['desYear']); //this line is used for various formatting below.
...
Without the session_start(); declaration in setDate.php the $_SESSION[*] data will not be preserved. Why?
EDIT: Question answered, editing for imaginary internet points
回答1:
From php.net:
session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.
When session_start() is called or when a session auto starts, PHP will call the open and read session save handlers.
In other words, session_start() does not only create a session when a session does not exists yet, but it also makes it possible for a script to access the current session. It gives read and write access to the $_SESSION variable.
Without session_start, the script cannot write or read from the session, the session is still there but it cannot be read or modified by the script. If you only want to give read access to a session you can call session_write_close(); to close the write access. This can be handy when you want multiple files to open the same session at the same time. When a script has write access it blocks the current session file, blocking all other scripts that want write access to the same session.
If you are lazy and always want a session to be active, you can write
php_flag session.auto_start 1
in a .htaccess file to enable the auto start of a session in php.
来源:https://stackoverflow.com/questions/35040566/php-session-why-is-session-start-required-multiple-times