In-depth explanation of PHPSession and how to keep it from expiration

This article mainly introduces the PHPSession and how to keep it from expiration, including the explanation of the Session recycling mechanism and the solution to the problem that SessionId remains unchanged. For more information, see

This article mainly introduces the PHP Session and how to keep it from expiration, including the explanation of the Session recycling mechanism and the solution to the problem that SessionId remains unchanged. For more information, see

The COOKIE technology is used in the implementation of the SESSION. The SESSION will save a COOKIE containing session_id (SESSION number) on the client, and save other session variables on the server, such as session_name. When a user requests a server, the session_id is also sent to the server. The session_id is used to extract the variables stored on the server to identify who the user is. At the same time, it is not difficult to understand why the SESSION sometimes fails.

When the client disables cookies (click "Tools"-"Internet Options" in IE, and click "security"-"Custom Level" in the pop-up dialog box, set "allow COOKIE for each conversation" to disabled). session_id cannot be passed, and the SESSION becomes invalid. However, php5 can automatically check the cookie status on linux/unix platforms. If the client is disabled, the system automatically attaches session_id to the url for transmission. Windows host does not have this function.

Common Session functions and usage?
Session_start (): Start a session or return an existing session.
Note: This function has no parameters and returns true. If you use cookie-based sessions, the browser cannot output any output before Session_start (). Otherwise, the following error occurs:
Warning: Cannot send session cache limiter-headers already sent (output started at/usr/local/apache/htdocs/cga/member/1.php: 2 )............

You can start session. auto_start = 1 in php. ini, so you do not need to call session_start () every time before using the session (). However, enabling this option also has some restrictions. If the session is enabled. auto_start, the object cannot be put into the session, because the class definition must be loaded before the session is started to recreate the object in the session.
All registered variables are serialized after the request ends. Registered but undefined variables are marked as undefined. In subsequent access, these variables are not defined by the session module unless you define them later.

Warning some types of data cannot be serialized and therefore cannot be stored in sessions. Including resource variables or objects with circular references (that is, an object passes a reference pointing to itself to another object ).

Register SESSION variables:
PHP5 registers the SESSION global variable with $ _ SESSION ['xxx'] = xxx. Similar to GET, POST, and COOKIE usage.
Note: session_register (), session_unregister, and session_is_registered are no longer used in php5 unless register_globle is set to on in php. ini. However, it is strongly recommended to disable register_globle for security reasons. HTTP_SESSION_VARS is not recommended. We recommend that you use $ _ SESSION instead. For example:

Page1.php

<? Php Session_start (); // This function must be called before SESSION is used. $ _ SESSION ['name'] = "I am a black tornado Li Yun !"; // Register a SESSION variable $ _ SESSION ['passwd'] = "mynameislikui"; $ _ SESSION ['time'] = time (); echo 'pass SESSION through cookies '; // if the client supports cookies, the session can be passed to the next page through this link. Echo '. SID.' "> pass SESSION through URL '; // when the client does not support cookie, use this method to pass session.?>

Page2.php

<? Php session_start (); echo $ _ SESSION ['name']; // echo $ _ SESSION ['passwd']; // echo date ('y m d H: I: s ', $ _ SESSION ['time']); echo 'back to a mountain page';?>

There are two ways to pass a session ID:

Cookie

URL parameters

The session module supports these two methods. Cookies are more optimized, but they are not always available and provide alternative methods. The second method directly embeds the session ID in the middle of the URL.

PHP can transparently convert the connection. Unless PHP 4.2 or later is used, it needs to be activated when PHP is compiled manually. In Unix, use -- enable-trans-sid to configure options. If this configuration option and the runtime option session. use_trans_sid are activated (modify php. ini), The URI will be automatically changed to include session ID.

Session_id
Session_id () is used to set or obtain the current session_id. In php5, you can use session_id () or get the session_id and session_name of the current session by the SID appended to the url.
If session_id () has a specific value, it will replace the current session_id value. Before using this function, you must start the session: session_start ();
When session cookies are used, if a session_id () value is specified, each time session_start () is started, a cookie value will be sent to the client. Whether or not the current session_id is equal to the specified value.
If no value is specified for session_id (), the current session_id () is returned. If the current session is not started, an empty string is returned.

Check whether the session exists?
In previous php versions, session_is_register () is used to check whether a session exists. If you use $ _ SESSION ['xxx'] = XXX to register a session variable, session_is_register () function no longer works. You can use
Isset ($ _ SESSION ['xxx.

If session_id session_regenerate_id () is changed successfully, true is returned. If it fails, false is returned.
This function can be used to change the session_id of the current session, but does not change other information of the current session. For example:

<? Php session_start (); $ old_sessionid = session_id (); session_regenerate_id (); $ new_sessionid = session_id (); echo "original SessionID: $ old_sessionid"; echo "New SessionID: $ new_sessionid "; echo" "; print_r ($ _ SESSION); echo" ";?>

Session_name () returns the name of the current session or changes the name of the current session. To change the name of the current session, you must call this function before session_start. Note: session_name cannot be composed of only numbers. It must contain at least one letter. Otherwise, a new session id will be generated every moment.
Session renaming example:

$ Previus_name = session_name ("WebsiteID"); echo "new session name: $ previous_name";?>

How to delete a session?
1. unset ($ _ SESSION ['xxx']) deletes a single session. unset ($ _ SESSION ['xxx']) is used to unregister a registered session variable. It works the same as session_unregister. Session_unregister () is no longer used in PHP5 and can be used in the Cold palace.
Unset ($ _ SESSION) is not available. It destroys the global variable $ _ SESSION and there is no feasible way to restore it. You can no longer register the $ _ SESSION variable.
2. $ _ SESSION = array () delete multiple sessions
3. session_destroy () ends the current session and clears all resources in the session .. This function does not unset (release) The global variables related to the current session, nor delete the client session cookie. the default session of PHP is cookie-based. to delete a cookie, you must use the setcookie () function.
Return Value: Boolean value.
Function Description: This function ends the current session. This function has no parameters and returns true.

Session_unset () If $ _ SESSION is used, this function no longer works. Since PHP 5 must use $ _ SESSION, this function can be used in the cold room.

The following is an official PHP case concerning session deletion: