During PHP interviews, I often discuss the difference and connection between session and cookie, and how to modify the effective time of the two. Specifically, the cookie mechanism adopts the client-side persistence scheme, while the session mechanism adopts the server-side persistence scheme.
I. cookie introduction
Cookies are often used to identify users. Cookie is a small file that the server stays on the user's computer. When the same computer requests a page through a browser, it sends a cookie at the same time. With PHP, you can create and retrieve the cookie value.
1. set Cookie
PHP uses the SetCookie function to set the Cookie.
The SetCookie function defines a Cookie and attaches it to the end of the HTTP header. the prototype of the SetCookie function is as follows:
Int SetCookie (string name, string value, int expire, string path, string domain, int secure );
Parameter description: cookie name, cookie value, Expiration Time (int), valid path, limited domain name, valid only for https transmission
Note: the currently set Cookie does not take effect immediately, but will not be visible until the next page. this is because the Cookie is transmitted from the server to the client's browser on the configured page, and the Cookie can be retrieved from the client's machine and sent back to the server on the next page.
Example:
Common use:
Setcookie ('name', 'php Huaibei ');
With expiration time:
Setcookie ('name', 'php Huaibei ', time () + 24*60*60); // 1day
The Cookie is path-oriented. it is stored in the current file by default. If no path is set, the cookies in different files are stored in different folders by default, and saved in the mytest folder by default.
2. receive and process cookies
The web communication protocol between the client and the server is http. PHP uses three methods to obtain user data over http: POST, GET, and Cookie. The default PHP transfer method is Cookie, which is also the best method.
For example, if you set a Cookie named MyCookier, PHP will automatically analyze it from the HTTP header received by the WEB server and form a variable named $ myCookie, which is the same as a common variable, the value of this variable is the Cookie value.
3. delete a Cookie
There are two ways to delete an existing Cookie:
1. if you call a SetCookie with only the name parameter, the Cookie named this name will be deleted from the relevant host. for example, setcookie ('name ','');
Another method is to set the Cookie's expiration time to time () or time ()-1. then, the Cookie is deleted after the page is viewed (in fact, it is invalid ). For example, setcookie ('name', 'php Huaibei ', time ()-24*60*60 );
Note that when a Cookie is deleted, its value is still valid on the current page.
Notes for using cookies:
First, it must be set before the HTML file content is output (Cookie is part of the HTTP header, used to transmit information between the browser and the server, therefore, the Cookie function must be called before any HTML file content is output.
On the PHP page, you can use
Ob_start (); // enable
Code .....
Ob_end_flush (); // refresh the cache
Prevents header errors );
Different browsers have different Cookie processing mechanisms.
Cookie restrictions are imposed on the client. A browser can create a maximum of 30 cookies, each of which cannot exceed 4 kB. each WEB site can set a maximum of 20 cookies.
The Cookie currently set does not take effect immediately, but will not be visible until the next page.
II. session introduction
The session mechanism is a server-side mechanism. the server uses a structure similar to a hash (or a hash) to save information, each website visitor is assigned a unique identifier, that is, the session ID, which is stored in either url-based or client-based Cookies. of course, you can also save the Session to the database, which will be safer, but the efficiency will decrease. the security of url-based transmission must be too poor. the PHP Session mechanism is to set the Cookie, save the session id (Session ID) in the Cookie, and generate a session file on the server, associate with users. Web applications store data related to these sessions and transmit data between pages.
PHP functions
There are many Session-related functions in PHP, but we usually use the following functions:
Session_start (): Enables the session mechanism and calls it at the very beginning of the program file that requires the session.
Session_register (): registers the session variable.
Session_unregister (): deletes session variables one by one)
Session_is_registered (): determines whether the session variable is registered.
Session_distroy (): destroys all session variables (destroys all session variables, including files)
Pay attention to the following aspects:
1. the session_start () function must be executed at the beginning of the program, and no output content exists before it; otherwise
The "Warning: Cannot send session cookie-headers already
Sent "warning information similar to this.
2. the session_register () function is used to register related variables to be saved in the session. its usage is as follows:
<?php $val = "session value"; session_register("val"); ?>
Val is the name of the session variable to be registered. do not add the "$" symbol during registration. just enter the variable name.
3. the session_unregister () function is used exactly the same as the above function, but the function is opposite. the above function is registered
The session variable is used to delete the specified session variable.
4. the session_is_registered () function is used to determine whether the session variable is registered.
5. the session_destroy () function is mainly used to destroy all session variables when the system logs out and exits. it has no parameters and can be called directly.
Relationship configuration between Session and PHP. ini
1, session. save_handler = file
The method used to read/write back session data. the default value is files. It allows the PHP session management function to store session data using the specified text file.
2, session. save_path = "/xammp/temp /"
Specify the directory for saving the session file. you can specify a directory to another directory. However, the specified directory must have the write permission for the httpd daemon owner (such as apache or www, otherwise, session data cannot be stored back. It can also be written as session. save_path = "N;/path" where N is an integer. In this way, not all session files are stored in the same directory, but are scattered in different directories. This is very helpful for the server to process a large number of session files. (Note: you must manually create a directory)
3, session. auto_start = 0
If this option is enabled, the session is initialized for each request. It is not recommended that you use session_start () to initialize the session.
The above is all the content of this article. I hope you will like it.