Cookie and session in session Technology

Why use session technology?

A session is literally a conversation between two people, that is, communication between two people. Here we talk about communication on the Web Side of the computer, because the Internet transmits information based on HTTP, HTTP transmission is a stateless protocol. The absence of a status means that the previous content must be retransmitted later. That is, every connection is an independent request, which will cause inconvenience to our program. For example, if we want to log on to a website to purchase products, do we need to log on to every page that we open, the answer is no. I can pass a parameter to my website. Although this can be achieved, it does not have a substantial effect or security. Anyone can log on to the website. In this case, we need to use the following technology cookies and sessions to achieve user login and tracking.

Cookie

Cookie is a browser technology that stores data in a browser (mainly stored in a file in a browser). Because cookies are stored in a browser in the form of files, they are also differentiated by browsers. Because cookies are sent from the server to the browser, all data stored in the browser can be controlled by the server, such as what to save and the saved status. Each time a browser sends a request, it carries a cookie, meaning that the server can obtain the cookie data each time, and the cookie data of each request is shared. This solves our stateless problem and uses setcookie () to set our cookie value.

When you set the cookie value for the first time, the server first responds to a cookie value. In the next request, if there is a cookie, it will carry it. So when you set a cookie for the first time, he will not carry it.

Based on your own ideas, you can simply use cookies to implement the login function. Delete a cookie to make the cookie time expire. Use setcookie ('cookie name', time ()-1 );

Session

Session technology is similar to Cookie technology and is used to store user information. The biggest difference is that cookie stores data in the client computer, while session stores data in the server system, it is safer than being operated by users or others. We enable the session through session_start () and return the existing session. When a session value is set, a session identifier created by the server for the user is saved on the client to become the session ID.
$ _ Session ['name'] = "zhangsan"; delete a session named name: unset ($ _ session ["name"]),
The session is based on cookies. This is usually the case. Can a session be used after cookies are disabled? Theoretically, the answer is yes. You can pass the session ID through get, but this is not safe enough. Now all browsers do not disable cookies, so we can use cookie-based sessions.

Sleepy. Go to bed first. Continue tomorrow. Be sure to understand the principle ..

Cookie and session in session Technology