无法获得会话存储，我错过了什么？

Question

所以我有这种形式，用户在他的屁股上签名。当用户填写所有的细节时，他点击提交按钮。 Ajax请求提交表单并将所有详细信息放入数据库中。如果发生这种情况没有任何错误，则会打开一个带有两个（付款）按钮的隐藏div。点击iDeal或PayPal按钮后，colorbox打开并显示“概览页面”。现在我想通过$ _SESSION ['user_id']显示数据库中的用户信息。但不知何故，因为“概览页面”为空，所以我没有存储会话orso。

我不确定我错过了什么，任何抬头都会很棒！

这是形式：

<div class="content main container" id="goShowOrderForm"> 
<div class="content main box"> 
<div id="udidOrderForm" class="order form"> 
<form action="post" id="orderForm" name="form"> 

<label for="email">Email</label> 
<input type="email" class="input-fullwidth" name="email"> 

<div class="two-column"> 
<label for="password">Password</label> 
<input type="password" name="password"> 
</div> 

<div class="two-column right"> 
<label for="repassword">Confirm Password</label> 
<input type="password" name="re_password"> 
</div> 

<input type="hidden" name="token" value="<?php echo $_SESSION['guest_token'] ?>"> 

</form> 

<div class="orderFormActions"> 
<input type="submit" class="button darkblue order" name="submitNewStep" id="submitNewStep" value="Nu afrekenen"> 
<div class="button red cancel" id="cancelUdidOrder">Afbreken</div> 
</div> 

</div> 
</div> 

阿贾克斯后一页（以数据存储在数据库提交后）

<?php 
include '../includes/database/db_connect.php'; 
include '../includes/database/functions.php'; 

if($_POST) { 

//Form data 
$email = safe($mysqli,$_POST['email']); 
$guestToken = safe($mysqli,$_POST['token']); 

$password = veilig($mysqli,$_POST['password']); 
$rePassword = veilig($mysqli,$_POST['re_password']); 

//Check if everything has been filled in correctly 
if ($email == '' || $password == '' || $rePassword == '') {  
echo "orderFormRequiredFields"; 
exit(); 
} 

//Check emailFormat 
if (!CheckEmailFormat($email)) { 
echo "orderFormerrorEmailFormat"; 
exit(); 
} 

//Check if email already exist 
$checkIfEmailExist = mysqli_query($mysqli,"SELECT * FROM members WHERE email = '$email'"); 
if (mysqli_num_rows($checkIfEmailExist) > 0){ 
echo "orderFormEmailAlreadyExist"; 
exit(); 
} 

//Check if the two passwords do match 
if ($password == $rePassword) { 
//Als wachtwoorden overeen komen, maak er een hashed pw + salt van 
$salt = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM)); 
$saltedPW = $password . $salt; 
$hashedPW = hash('sha256', $saltedPW); 

} else { 
echo "orderFormErrorPasswordConfirm"; 
exit(); 
} 


$tstamp = time(); 
$token = md5(uniqid(mt_rand())); 
//Add user to the database 
$createUser = mysqli_query($mysqli,"INSERT INTO members (account_active, email, guest_token, password, salt) 
VALUES ('0', '$email', '$guestToken', '$hashedPW', '$salt'); "); 


//begin storing user_id 
//Check for the users salt 
$getSalt = mysqli_query($mysqli,"SELECT salt FROM members WHERE email = '$email';"); 

if (!$getSalt) { 
echo "Error Salt"; 
exit(); 
} 

$row = mysqli_fetch_assoc($getSalt); 
$salt = $row['salt']; 


//Find the user details 
$saltedPW = $password . $salt; 
$hashedPW = hash('sha256', $saltedPW); 
$findUser = mysqli_query($mysqli,"SELECT * FROM members WHERE email = '$email' AND password = '$hashedPW'"); 
$roww = mysqli_fetch_assoc($findUser); 
$user_id = $roww['user_id']; 

//If users exist, count should be 1 
$count = mysqli_num_rows($findUser); 

if($count == 1) { 
$_SESSION['user_id'] = $user_id; 
$_SESSION['email'] = $email; 
} else { 
echo "Error"; 
exit(); 
} 
//end 

echo "succesMsgOrderForm"; 
} 
?> 

这是概述页面的基本

<?php 
include 'includes/database/db_connect.php'; 
include 'includes/database/functions.php'; 

sec_session_start(); 

$user_id = $_SESSION['user_id']; 

$getAllDetails = mysqli_query($mysqli,"SELECT * FROM members WHERE user_id = '$user_id' ") OR die (mysqli_error($mysqli)); 
$row = mysqli_fetch_array($getAllDetails); 
$email = $row['email']; 

?> 
<body> 
user_id is: <?php echo $user_id ?> <br> 
email is: <?php echo $email ?> 
</body> 

谢谢

编辑＃1 sec_session_start（）部分是在functions.php中：

function sec_session_start() { 
    $session_name = 'sec_session_id'; // Set a custom session name 
    $secure = SECURE; 
    // This stops JavaScript being able to access the session id. 
    $httponly = true; 
    // Forces sessions to only use cookies. 
    ini_set('session.use_only_cookies', 1); 
    // Gets current cookies params. 
    $cookieParams = session_get_cookie_params(); 
    session_set_cookie_params($cookieParams["lifetime"], 
     $cookieParams["path"], 
     $cookieParams["domain"], 
     $secure, 
     $httponly); 
    // Sets the session name to the one set above. 
    session_name($session_name); 
    session_start();   // Start the PHP session 
    session_regenerate_id(); // regenerated the session, delete the old one. 
} 

编辑＃2 - 第一部分，我打通颜色框（JavaScript的）

$(document).on('click', '#pay_ideal', function(){ 
    $.colorbox({ 
     width: 500, 
     height: 350, 
     speed: 350, 
     closeButton: false, 
     href:"order-overview.php" 
    }); 
}); 

Answer 1

您需要在刷新会话之前检查会话状态，

function sec_session_start() { 
    $session_name = 'sec_session_id'; // Set a custom session name 
    $secure = SECURE; 
    // This stops JavaScript being able to access the session id. 
    $httponly = true; 
    // Forces sessions to only use cookies. 
    ini_set('session.use_only_cookies', 1); 
    // Gets current cookies params. 
    $cookieParams = session_get_cookie_params(); 
    session_set_cookie_params($cookieParams["lifetime"], 
     $cookieParams["path"], 
     $cookieParams["domain"], 
     $secure, 
     $httponly); 
    // Sets the session name to the one set above. 
    if (session_id() == '') { 
     session_name($session_name); 
     session_start();   // Start the PHP session 
     session_regenerate_id(); 
    } 
}