开发者

Changing symlink destroys PHP session

开发者 https://www.devze.com 2023-02-26 20:26 出处:网络
I am running a PHP/Yii application on Apache.I have tried doing the following: My DocumentRoot is \"www\", which is a symlink开发者_如何学运维.The symlink points to /usr/local/src/releases/mysite-1/

I am running a PHP/Yii application on Apache. I have tried doing the following:

  1. My DocumentRoot is "www", which is a symlink开发者_如何学运维. The symlink points to /usr/local/src/releases/mysite-1/www
  2. I rename the /usr/local/src/releases/mysite-1/www directory to /usr/local/src/releases/mysite-2/www
  3. I remove the old www symlink using: rm -f www
  4. I create a new symlink using: ln -s /usr/local/src/releases/mysite-2/www www

And just doing that causes PHP sessions to be destroyed, without even restarting Apache. Any ideas? I have checked my PHP save_path, and it shouldn't be an issue since I use Redis for session handling. My Apache config looks like:

DocumentRoot "www"
<Directory "www">
   Options -Indexes +FollowSymLinks
   RewriteEngine on
   # if a directory or a file exists, use it directly 
   RewriteCond %{REQUEST_FILENAME} !-f 
   RewriteCond %{REQUEST_FILENAME} !-d 
   # otherwise forward it to index.php 
   RewriteRule . index.php 
   ...

EDIT: I suspect the problem is with Yii. After some further testing, it doesn't look like the session data is actually getting destroyed. And I have switched to file based sessions. Here is what I'm seeing:

  1. User logs in, and session id is set to tdv3l6jgf2sb1dnutt7updhfo1

  2. Session data looks like:

    array(5) { ["20b30da82f6dcc260a66f6a1044a5c3a_id"]=> string(1) "2" ["20b30da82f6dcc260a66f6a1044a5c3a_name"]=> string(8) "ewest fb" ["20b30da82f6dcc260a66f6a1044a5c3afbId"]=> string(10) "1028251971" ["20b30da82f6dcc260a66f6a1044a5c3aisFbUser"]=> bool(true) ["20b30da82f6dcc260a66f6a1044a5c3a__states"]=> array(3) { ["fbId"]=> bool(true) ["isFbUser"]=> bool(true) ["avatar"]=> bool(true) } }

  3. Session file is created under /tmp

  4. I change the www symlink as described above. The session id stays the same, and the session data is intact! But Yii::app()->user->isGuest is evaluating to true. So the session data is still there but Yii thinks I'm logged out!

Is there another location Yii writes user data to? The state.bin file lives in a runtime dir outside of www.


I was not able to figure out what was causing the issue, but I did come up with a workaround.

Instead of:

  1. Change www symlink to d-xxx where xxx is the release version

I now:

  1. Move old release directory "d" to d-yyy where yyy is the old release version
  2. Extract new release to "d"
  3. "www" symlink then still points to "d"

So the real path of the "www" symlink never changes. This fixes the issue, and I have no idea why this works. Along with that, I am manually set the validationKey and encryptionKey of Yii's securityManager.

The only thing I suspect at this point is something wonky going on with APC and my setup.


There is strange code in Yii 1.x: СApplication.php

public function getId()
{
    if($this->_id!==null)
        return $this->_id;
    else
        return $this->_id=sprintf('%x',crc32($this->getBasePath().$this->name));
}

So, you just need to set application id in your application config file.

For example, protected/config/web.php

return  [
         'id'=>'my application'

...

0

精彩评论

暂无评论...
验证码 换一张
取 消