A Web session can be simply understood as: A user opens a browser, visits a Web site, clicks multiple hyperlinks at the site, accesses multiple Web resources on the server, and then closes the browser, the entire process is called a session.
HTTP protocol is characterized by stateless/no connection, when a browser repeatedly requests the same Web server, the server is unable to distinguish between multiple operations from the same browser (user). Session technology is a way to make it possible for the server to recognize multiple requests from the same browser via the HTTP protocol, making it easier for the browser (user) to go through multiple operations on the same site without the need for additional authentication.
Session Technology classification
1) Cookie Technology
A Cookie is a way for a server or script to maintain information on a client workstation under the HTTP protocol. A Cookie is a small text file that is saved by the WEB server on the user's browser (client) and can contain information about the user. Web sites can access Cookie information whenever a user is linked to a server
2) Session Technology
It is difficult to translate the session directly into Chinese, which is usually translated into time domain. In computer terminology, a session is a time interval between an end user communicating with an interactive system, usually the time elapsed between registering and logging out of the system. And, if necessary, there may be some room for operation. Session technology is to save data to the server side, whenever the user links to the server, the Web site can access the session information
Two kinds of conversational technology differences
1) Security aspects
A) session storage server side, high security
b) Cookie storage browser segment, Low security
2) Data size aspect
A) The number and size of cookies are limited (20/4k)
b) session data storage Unlimited
3) Available data types
A) cookies can only store simple data, values/strings
b) session can store complex data (automatic serialization)
4) Save location aspect
A) Cookies are stored on the browser
b) session is saved on the server
Cookie principle of basic use of cookies
1, the first request, PHP through the Setcookie function to transmit data through the HTTP protocol response header to the browser
2. The browser saves the cookie data to the browser at the time of the first response
3, the browser subsequent request for the same site, will automatically detect the existence of cookie data, if there will be in the request header to carry the data to the server
4, PHP execution will automatically determine whether the browser request to carry a cookie, if written, automatically saved to $_cookie
5. Access cookie Data using $_cookie
Session principle
The session is not browser-independent, but is related to cookies.
1. When PHP encounters Session_Start (), the session is opened and automatically detects SessionID
A) If a cookie exists, use a ready-made
b) If the cookie does not exist, create a SessionID and save it to the browser via the response header in cookie form
2. Initialize the Hyper global variable $_session to an empty array
3, PHP through SessionID to specify the location (session file storage location) to match the corresponding file
A) The file does not exist: Create a SessionID named file
b) The file exists: reads the contents of the file (deserialized) and stores the data in the $_session
4. End of script execution, save all data stored in $_session to sessionid corresponding file
Discussion on the conversational technology of PHP