A humble opinion of session and Cookie

Everything is difficult at the beginning, not necessarily can write good blog, no, it should be written is not good, but I will definitely intentions.

Previously only knew the session is the existence server, the cookie is the existence client, as far as they work principle does not understand. In order to consolidate their memories, a small summary of the next.
I. First, what is Session,cookie.
The session is the information that is stored on the server after the user logs on to the website, and the cookie is the credential that validates the user and gets the information stored in the session.

Every time we log on to the site, the server generates a session to record the current logged-in user's information, and the site will ask our browser to store a cookie (typically generated by the server PHPSESSID). Each time the browser sends a request, the cookie is passed to the server to verify that the user is logged on.

Two. Session_Start ()
When the program runs to Session_Start (), the server generates a file to store the session information, and a unique SessionID is generated. SessionId(that is, PHPSESSID) is stored as a cookie on the client.

Three. How the session is stored.

The session is stored as a file by default (there is one line in the php.ini file: Session.save_handler = files).
File storage has two drawbacks, 〈1〉high read session is slow, the user volume is still OK, but the user volume of large words will lead to a large number of input and output redundancy, so that the server may not be able to support 〈2〉 multiple servers between the session sharing more complex (see Others with the NFS implementation, But I have not tried it myself).

There is no sharing problem with database storage, but frequent reads and writes are also very resource-intensive.

There is no better way, of course, is to store the session in the cache. Two kinds of caches (Redis and memcache) are described here.

Redis contains five data structures, such as strings, lists, collections, hashes, and ordered collections. Memcache only supports storage for Key-value key values, so Redis is much more powerful than memcache. But Memcache is more lightweight, and Redis consumes a lot of memory. If your site's cache is only used to store session. I think memcache will be better.

Session storage settings (take memcache as an example):

Ini_set (' Session.save_handler ', ' memcache ');
Session_save_path ("tcp://127.0.0.1:11211");

Note: There may be errors in the place, but also some places do not understand, will be modified to add.

A humble opinion of session and Cookie