The difference between a cookie and a session

The cookie data is stored on the client side, and the session data is stored on the server;

The data type stored by a cookie can only be a string, and the session can hold data types other than resources;

The size of the cookie is limited by 4 K and there is no limit to the session;

Cookies can be disabled by the browser, but not by the session;

Cookies are not secure enough to be copied for cookie spoofing, and for security reasons, important information should use the session

The session increases the load on the server, taking into account the server performance, non-essential information should be used to retain the cookie

If the cookie does not set the validity period, the default is that the browser is disabled and the session server is valid for 1440 seconds, 24 minutes

cookie**********************************************
Setcookie ("username", "admin", Php_int_max, "/include");
Expiration Time: Permanent (maximum number of integers allowed by the computer)
"/include" is a valid path, COOKIE read can only be read in the Include directory, not read outside "/include"
Setcookie ("username", $username, Time () +3600, "/include");
Expiry time: 1 hours (3,600 seconds)
Setcookie ("Password", "123456", "/include");

<script type= "text/javascript>
Window.alert (Document.cookie);
</script>
JS method to get Cookie data

Setcookie ("Password", "123456", Time ()-1);
Setcookie ("password", false);
Setcookie ("Password", "" ");
Clear browser Cache
Delete cookie Data

session**********************************************
Session_Start ();
Open session
$_session ["username"] = "admin";
Set session data
echo $_session ["username"];
Reading session data
unset ($_session ["username"]);
$_session = Array ();//Assign an empty array
Delete session data
Session_destroy ();
Destroy, delete, current session file
Echo Session_name ();
Gets the current session name
Echo session_id ();
Gets the current session value
Session_set_cookie_params ()
Use session to modify/Set parameters related to cookies
Setcookie (Session_name (), false);
Delete the cookie data for the session

Probability of garbage collection
Session.gc_probability=1
The molecule that sets the probability;
session.gc_divisor=1000
Sets the denominator of the probability;
Session.gc_maxlifetime = 1440; In seconds, 24 minutes
Session Garbage Collection Time

1. Session Control
Session support for sessions and cookies is provided in native PHP, and support for both of these session controls is also available in thinkphp.

1.1session Support
session (' name ', ' value ') sets a session named name, value is
• $value = Session (' name ') gets a session value named name
session (' name ', NULL) delete a session named name
session (NULL) delete all session values
session () gets all the session values (old version is not this method)
session ('? Name ') determines whether the specified session named name exists

Description: The session method is the Thinkphp encapsulation method (not the PHP built-in method), in the native PHP using the session must be session_start, and the front can not have any output, However, in thinkphp, the session method does not have the above requirements.

1.2. Cookie Support
• Cookies (' name ', ' value ') sets a cookie value named name
• Cookies (' name ', ' value ', 3600) is also set, plus the validity period (in units of s)
• $value = Cookie (' name ') to obtain a cookie value named name
• Cookies (' name ', null) delete a cookie value named name
• Cookies (null) Delete all cookies (not available)
• Cookies () Get all Cookies

Cookie (NULL) This method has a bug, does not delete all the cookies, need to modify the underlying code, the cookie method is defined in functions.php (thinkphp/common/)

Find a cookie method the location of the modification is approximately 1377 rows and 1379 rows, each of which needs to be added one or more conditions "| | Null = = $name ".

Special Note: The above several use methods in the fifth (delete all cookies of that), there is a bug, need to modify the underlying code to use, remember, remember, remember!!!

4, Setcookie (' name ', ' value ', Time () +3600);

Var_dump ($_cookie);

Why is the first time access print out empty?

Default valid domain of the cookie, default validity time, how to destroy? And the difference between the session?

Example:

For example, the first time you log in to the Web site, HTTP request header information does not have cookies, you log in, the server side set a cookie user name, will be stored in your browser side cookies. So on the first request, Var_dump ($_cookie) is empty. When you log in to the site to send a request, the HTTP request header information is sent to the server with a cookie user name. The cookie is not empty at this time.

Cookies are available by default only under the current domain name. The default valid time is that the browser closes the cookie and expires.

Delete Cookies method of:

Set the cookie expiration time to any time before the current time ()-1

Setcookie (Name,false), set the value of the cookie to False

Setcookie (name, '), set the value of the cookie to an empty string

Manually clear the browser cache

The difference between a cookie and a session