When session sessions are turned on, a cookie that uniquely identifies session_id to the browser (named Phpsessid can be obtained via Session_name () is sent first, with Session.save_handler = Files, a file with no suffix is generated under the server's specified directory (for example, temp) and the name is
Copy CodeThe code is as follows:
' Sess_ ' + ' session_id ';
This completes the basic setup. The next time the HTTP request is launched, the browser will first send all the cookie names and values under the current domain name, so that the server can read the session file according to the session_id in the cookie, without confusing the session to whom it belongs.
This step is detailed as follows:
The session sends a unique cookie variable session_id to the browser, which has a name and value for the session_id variable. The variable name (name) defaults to PHPSESSID, and the value of the variable (value) is a randomly generated string apach, similar to rvag9m368vim7k8g4v7k2ank70. Generally speaking session_id is actually referring to this unique string rvag9m368vim7k8g4v7k2ank70.
Specifically under the HTTP response header of the FF:
Session_Start ();
The above function is completed in the above sentence in the program, if the browser does not send a PHPSESSID cookie to send a past, to be enrolled in this cookie, so that the same session can be maintained.
Well, since we know how the session works, then we can speculate that if the server side sess_rvag9m368vim7k8g4v7k2ank70 This file we manually deleted, then the session fails, if the browser cookie fails, Then the session is still invalid.
In the case of manual:
On the server side, you can use the
Session_ destroy () or session_ unset ()
to invalidate it.
On the browser side:
Can directly
? Setcookie (' Phpsessid ', ', 123);
Make a cookie expire, or another way, but not immediately expire
Session_set_cookie_params ($time);//The second on the current timestamp, for example, 60, that is, let it expire after 60 seconds, do not use Timestamp + time set by yourself.
All of the above is to let the session prematurely expire, but want to directly let the session delay line do not? In addition to modifying the configuration (Session.gc_maxlifetime) is not possible, in php.ini Session.gc_maxlifetime set the expiration time, to this time, there is session.gc_probability/ The probability of session.gc_divisor is recycled. If this time, and started the GC process, GC will go to read the session file modification time (mtime), found that the greater than and the current time after subtracting more than Session.gc_maxlifetime, immediately delete. Here, we also understand how to maintain this session, only in the Session.gc_maxlifetime, must have users in the access, every visit to modify the next session, so that the session and more out of session.gc_ Survival time of the maxlifetime.
Also say Session.cookie_lifetime, set the PHPSESSID in the browser's survival time, by default, 0,ie I found that is normal, browser restart is the cookie expires, FF continues to exist. Set Session.cookie_lifetime can be used Session_set_cookie_params,
Session_set_cookie_params,//60 s session_start ();
Session.gc_maxlifetime and Session.cookie_lifetime together determine the session's survival time.
-------------------------------------------------------------
Just looked for the Firefox cookie session expired data, found the following
This was apparently by design. Check out this Bugzilla bug:https://bugzilla.mozilla.org/show_bug.cgi?id=443354
Firefox has a feature where do I close Firefox and it offers to save all your tabs, and then you restore the browser and th OSE tabs come back. That ' s called session restore. What I didn ' t realize was that it ' ll also restore all the session cookie for those pages too! It treats it like you had never closed the browser.
This makes sense in the sense of if your browser crashed you get right back to where you were, but is a little disconcer Ting for web devs used to session cookies getting cleared. I ' ve got some old session cookie from months ago to were set by sites I always has open in tabs.
To test this out, close all the tabs in your browser, then close the browser and restart it. I think the session cookie for your site should clear in the. Otherwise you ' d has to turn off session restore.
This is the session saving feature of Firefox, which is the FF design. You can do this close all of the tabs in your browser, then close the browser and restart it test to see if it is still saved.
http://www.bkjia.com/PHPjc/325182.html www.bkjia.com true http://www.bkjia.com/PHPjc/325182.html techarticle when session sessions are turned on, a cookie that uniquely identifies session_id to the browser (named Phpsessid can be obtained via Session_name () is sent first, with Session.save_handler = The love of files ...
