PHP.INI configuration: Session configuration detailed tutorial

For PHP beginners in the PHP runtime environment to set up the configuration is already a headache, not to mention the php.ini configuration, this article in order to achieve the effect of solving practical problems, the first PHP tutorial tutorial on how to pass PHP. ini to configure Session, in order to achieve the basic Session application.
We know that in the use of PHP shopping cart, user login and other interactive web site development, Session is a good solution, if using XAMPP, AppServ and other PHP installation package, under normal circumstances, the PHP Session setting system will be configured if you use Manually configure the PHP operating environment, we need to configure the Session through php.ini, the following details how to configure the Session.

PHP runtime environment instructions

I use DedeAMPZ, PHP version 5.2.4, if you are manually installing the PHP operating environment, you need to rename php.ini-dist or php.ini-recommended to php.ini and copy it in the windows directory .

php.ini session configuration instructions

The following describes the necessary configuration steps to make the session run

Manual configuration PHP runtime environment, the most easily forgotten is a server-side session file storage directory configuration, open the php.ini file, search Session, find the session.save_path, the default value is / tmp, on behalf of the session file is saved in c : / tmp directory, the default tmp directory is not created, you can create a tmp directory under the c drive, or create a different directory, such as leapsoulcn, and then modify the value of session.save_path, and remove; that is

session.save_path = '/ leapsoulcn';

Precautions:

1, generally in order to ensure the security of the server, session.save_path value is best set to the network can not access the directory, the other if you are in the linux server session configuration, be sure to configure this directory as read and write permissions, or Execution session operation error.

2, in the use of session variables, in order to ensure the security of the server, it is best to set register_globals off, to ensure that the global variables are not confused, session_register () registered session variables, you can access through the system global variable $ _SESSION For example, you register the leapsoulcn variable, you can access this variable $ _SESSION ['leapsoulcn'].

session.save_path Configure other notes, translated from the php.ini configuration file

You can define this path using a pattern like "N; [MODE;] / path", where N is an integer that represents a sub-directory that uses the N-level depth instead of keeping all the data files in one directory.

[MODE;] Optional, you must use the octal number, the default 600 (= 384), said the maximum number of session files saved in each directory. [MODE;] does not overwrite the process's umask. php does not automatically create these folder structures. It can be created using the mod_files.sh script in the ext / session directory. If the folder can be insecure user access (such as the default "/ tmp"), it will bring a security vulnerability. When N> 0 automatic garbage collection will lapse, see the specific garbage collection section below.

If you have multiple virtual hosts on your server, we recommend setting different directories for each different virtual host.

So far the most basic session configuration is complete, as long as you save php.ini and restart apache, you can use the session feature.

Other session configuration instructions

session.save_handler = "files"

The default file access session data, if you want to use a custom processor to access session data, such as databases, with "user".

session.use_cookies = 1

Whether to use cookies to save the session sessionid on the client, the default is to use cookies

session.use_only_cookies = 0

Whether to use the cookie to save session sessionid only on the client side, this option allows the administrator to forbid the user from passing the id through the URL. The default is 0, if disabled, the client will disable the session if it is disabled.

session.name = "PHPSESSID"

Session ID name used as cookie name

session.auto_start = 0

Whether to automatically start the session, the default does not start, we know that the session function, we basically in each php script header session_start () function to start the session, if you start this option, in each script header Will automatically start the session, do not need to start each session session_start () function session, it is recommended to turn off this option, the default value.

session.cookie_lifetime = 0

Cookie passing sessionid is valid (in seconds), 0 means that it is valid only when the browser is open.

session.gc_probability = 1

session.gc_divisor = 100

Defines the probability of starting a garbage collection program each time a session is initialized. The formula is as follows: session.gc_probability / session.gc_divisor, such as 1/100, said there is a 1% probability to start the garbage collection process, the more frequent access to the session page, the probability should be smaller. The recommended value is 1/1000 ~ 5000.

session.gc_maxlifetime = 1440

Set the save session file life, beyond this parameter set the number of seconds, the saved data will be treated as 'rubbish' and cleaned up by the garbage collection process. Judgment criteria is the last time the data was accessed (for the FAT file system, the last time data was refreshed). If multiple scripts share the same session.save_path directory but session.gc_maxlifetime is different, the minimum of all session.gc_maxlifetime directives will prevail.

If you set the session.save_path option to use subdirectories to store session data files, the garbage collector does not start automatically. You must use your own shell scripts, cron entries, or other methods to perform garbage collection.

For example, set "session.gc_maxlifetime = 1440" (24 minutes):

cd / path / to / sessions; find -cmin +24 | xargs rm

These are some common session configuration options that more session configuration options that you can refer to the instructions in the php.ini file.

At this point, php.ini configuration file to configure the session on the PHP tutorial is introduced, through the above steps to practice and learn, the basic session functions can be used, as the session performance and other aspects of the server environment needs and needs Fine-tuning, this has its own experience.