PHP Session Control: Session and Cookie Details _php instances

Source: Internet
Author: User
Tags php session
This article introduced the PHP session control, mainly elaborated the following several things:

• Background/concept of Session control
Maintenance and life cycle of • Cookies (effective time)
Maintenance and life cycle of session (recovery mechanism)
The difference and connection between the • Cookies and the session
• Question 1: Why does the session expire after disabling cookies?
• Problem 2:ie missing session under browser, each time the page is refreshed, a new sessionid will be generated (normal Firefox browser)
session, Cookie Simple example

Understanding the concept of Session control

Understanding a concept requires understanding his background and the reasons for it, introducing the Web environment and its HTTP protocol. Background of Session control:
Read the information about the HTTP protocol of the students will know that the HTTP protocol is the Web server and the client (browser) communication between the Protocol, it is a stateless protocol, so-called stateless, refers to the HTTP request data is not maintained, the HTTP request is independent, not durable. This means that the HTTP protocol does not have a built-in mechanism to maintain the state or relationship between two transactions. When a user requests a page and then requests another page, HTTP will not be able to tell us whether the two requests are from the same user.

From this we will feel very strange, usually we in the forum to visit the post or e-commerce website shopping, as long as we are in this site, no matter how we jump, from one page to another page, the site will always remember who I am, such as tell you buy what things. This is how to do it, it is estimated that everyone guessed that this is the use of HTTP session control. Tracking a variable in the site, through the tracking of variables, so that multiple requests to establish a link between things, according to authorization and user identity display different content, different pages.

PHP Session Control:

The session ID of PHP is driven by a unique session ID, which is an encrypted random number generated by PHP and saved to the client during the lifetime of the session. We know that the client (ie, the browser) keeps the data in a cookie, so the session ID of PHP is generally stored in the cookie of the user's machine. Knowing the cookie, we know that the browser can disable cookies so that the session becomes invalid. So there is also a pattern for PHP session control, which is to pass the session ID in the URL. If we look at the site with a little attention, some URLs have a string that looks like random numbers, then it is possible that the URL is the form of session control.

In this case, some people may have doubts that the client simply saves a session ID, so the session variables that are stored in the session control, such as the list of items you buy when you shop, are stored in which place? Obviously, session variables are used on the server side, so these session variables must be stored on the server side. By default, session variables are stored in the server's normal file (you can also configure your own database to save, you can Google), the role of the session ID is like a key, in the server side of the file to save the session to find the session ID corresponding to the session variable, such as the purchase of a list of items.

Then the whole process of session control might look like this, when a user logs on or browses a site's page for the first time, the site generates a PHP session ID and sends it to the client (browser) via a cookie. When the user clicks on another page of the site, the browser starts to connect to the URL. Before connecting, the browser searches for locally saved cookies and submits them to the server if there are any cookies in the cookie that are related to the URL being connected. In the case of a login or first connection, a cookie associated with the site URL (the saved session ID) has been generated, so when the user connects to the site again, the site can identify the user from the session ID and remove the session variable associated with the session ID from the server's session file. Thus maintaining continuity between transactions.

Next we understand the next two important concepts: cookies and session

About the maintenance and life cycle of cookies

The cookie is created on the server side and written back to the client browser, and the browser receives the instructions in the response header about the write cookie in the local temp folder.

A cookie file is created that holds your cookie content, and the cookie content is stored as a key-value pair, and the keys and values are only strings. For example:
Files: cookie:administrator@localhost/
Content format: voteid100101localhost/15361167667230343893360385046430343691*

Creation of cookies:

Copy the Code code as follows:
The Setcookie () function sets the cookie, the function prototype is as follows
Setcookie (name, value, expire, path, domain);

Note: The cookie header must be sent before the other header headers are sent, otherwise it will be invalid (this is a cookie limitation, not PHP's limit). When a cookie is sent, the value of the cookie is automatically URL-encoded and automatically decoded upon retrieval (to prevent URL encoding, use Setrawcookie () instead).

Maintenance of cookies:

Cooke has four identifiers: the name,domain,path,secure tag of a cookie. To change the value of this cookie in the future, you need to send another Set-cookie message header with the same cookie Name,domain,path, which will be a new

Value to overwrite the value of the original cookie. However, if just changing one of these options will create a completely different cookie, such as just changing the name value.

Cookie expiry time:

You can set the expiration time, and if you do not set it to a session level, then closing the browser disappears. When a cookie is created with an expiration date, the expiration date is associated with a cookie that is identified by Name-domain-path-secure. To change the expiration date of a cookie, you must specify the same combination. When changing the value of a cookie, you do not have to set the expiration date every time because it is not part of the cookie identification information. For example:

Copy the Code code as follows:
Setcookie (vote, $id +1,time () +3600*24);
Setcookie (vote, $id);

The expiration date on the cookie has not changed because the cookie identifier is the same. In fact, only you manually change the expiration date of the cookie, otherwise its expiration date will not change. This means that in the same session, a session cookie can become a persistent cookie (one that can exist in multiple sessions) and vice versa. In order to turn a persistent cookie into a session cookie, you must delete the persistent cookie, which can be achieved by setting its expiration date to create a session cookie of the same name after a certain period of time in the past.

Remember that the expiration date is verified on the basis of the system time on the computer running the browser. There is no way to verify that the system time is synchronized with the server's time, so there is an error setting when the server time differs from the browser's system time.

Cookies are automatically deleted:

Cookies are automatically deleted by the browser, and there are several reasons for this:
Conversation Cooke (Session cookie) is deleted at the end of the session (browser off)
Persistent cookies (persistent cookies) are deleted when the expiration date is reached, such as:
Copy the Code code as follows:
Setcookie ("Vote", "", Time ()-3600);

If the cookie in the browser is restricted, the cookies are deleted to create a space for creating new cookies.

About the maintenance and life cycle of the session

Session is a server-side storage space maintained by the application server, when the user connects to the server, it is created by the server to generate a unique SessionID, using the SessionID as an identifier to access the server side of the session storage space, during the session, Unique SessionID assigned to the client to identify the current user and differentiate it from other users. The SessionID accepts each access request, thus identifying the current user, tracking and maintaining the user's specific information, as well as session variables, can be stored in the session digital or text data. such as session_name. This information is stored on the server side. Of course, SessionID can also be saved to the database as session information, which is persisted. This keeps track of the number of users logged in, online, online, and so on to maintain the relationship between HTTP stateless things. Session content storage is a list of key-value pairs, the key is a string type, session storage is more convenient, the value can be an object.

During session sessions, the session is stored on both the client and server side two files, and the client can be a cookie-saved SessionID (the default method of saving) or passed through a URL string. The server side is typically stored as text in the specified session directory. On the server side we can use Session.use_cookies to control which method the client uses to save. If defined as a cookie, we can control the validity of the cookie stored on the client by Session.cookie_lifetime (the default value of 0, clearing the browser). And if the client uses cookies to save the SessionID, then the "temporary" cookie is saved (the name of the cookie is PHPSESSID, through Firebug you can learn the detailed information, the name you can pass PHP.ini Session.name), when the user submits the page, the SessionID is submitted to the server side to access the session data. This process is not a developer intervention.

Session creation:

Copy the Code code as follows:
Session_Start ()//Start a session and return a session that already exists

Function: Initializes the session and also identifies the beginning of the session life cycle. To use the session, you must initialize a session environment, a bit similar to the idea of calling a constructor construct to create an object instance in the OOP concept. Session initialization operation, declares a global array $_session, maps the session data that is present in memory. If the session file already exists and the session data is saved, session_start () reads the session data, fills in the $_session, and begins a new session life cycle.

Note: This function has no parameters, and the return value is true, if you use cookie-based sessin, you cannot have any output before session_satrt (), including whitespace
If Session.auto_start=1 is turned on in PHP.ini, the session_start () is executed on each page without manual setting, which is turned off by default and cannot be placed in session after opening.

Session ID:

User session Unique identifier, a randomly generated string of strings, with uniqueness, randomness. It is mainly used to distinguish the session data of other users. When a user accesses a Web page for the first time, the PHP session initialization function call is assigned to the current visiting user with a unique ID, also known as session_id.

Get session_id ():

Copy the Code code as follows:
echo $_cookie[' Phpsessid ']. '
';
Echo $_cookie[session_name ()]. '
';
Echo session_id (). '
';

Session data:

We put the user status information that needs to be saved through the session, called the user session data, also known as session. The corresponding $_session data is usually in the current session life cycle. Once the Session_Start () initialization session is called, it means that a session life cycle is started. It is announced that you can use the correlation function to manipulate $_session to manage session data. The data generated during the session life cycle is not written to the session file in real time, but is sent to memory via $_session variables. $_session is a global variable, and the type is an array, which maps the session data of the session life cycle, which is in memory. When the session is initialized, the data is read from the session file and filled into the variable. At the end of the session (life cycle), write the $_session data back to the session file.

Register a Session variable:

After PHP4.1, the session variable is saved in the Super Global array $_session. To create a session variable, you only need to set an element in the array, such as:
Copy the Code code as follows:
$_session[' domain '] = blog.php.net;
$_session[' Poll ']=$_session[poll] + 1;

Use a Session variable:
Copy the Code code as follows:
echo $_session[' Blogdomain ']; Print out blog.php.net, you must first start a session with the Session_Start () function before using the session

Unregister Session variables/Destroy sessions:

Copy the Code code as follows:
Unset ($_session); Destroying a single session variable
such as: unset ($_session[' blogdomain ');
#unset ($_session) This function destroys the global variable $_session, and there is no viable way to recover it. The user can no longer register the $_session variable, so this function must not be used.

Session_unset (); Multiple releases. Release all variables that are logged in the session file
#在session生命周期, unregister all session data from the current session and let $_session become an empty array. It differs from unset ($_session) in that unset deletes the $_session variable directly, freeing the memory resource, and the other difference is that session_unset () can manipulate the $_session array only during the SESSION life cycle, and unset () The $_session array can be manipulated throughout the page life cycle. Session_unset () also does not perform any IO operations, affecting only the $_session array.

$_session=array (); Multiple releases, releasing all variables that are logged in the $_session parameter

Session_destroy ();
#当使用完一个会话后, you should first unregister all the variables, then call the function to end the current session, and empty all the resources in the session to delete the session file on the server. The function does not unset (releases) the global variables associated with the current session. Also does not delete the client's session cookie
#如果说session_start () Initializes a session, and it unregisters a session. means that the session life cycle is over. After the session life cycle is complete, session_unset, $_session[' domain ' will not be able to manipulate the $_session array, and the $_session array can still be manipulated by functions such as unset (). At this point, the session means undefined, and $_session is still a global variable, and they are out of the mapping relationship.
Logging out of the session via Session_destroy (), in addition to ending the session life cycle, will also delete the Sesion file, but will not affect the current $_session variable. That is, it generates an IO operation.

Note:

1, PHP default session is based on cookies, if you want to delete cookies, you must use the Setcookie () function
2, Session_unset () and unset () function differences:

During the session life cycle, Session_unset () unregisters all session data from the current session, making $_session an empty array. It differs from unset ($_session) in that unset deletes the $_session variable directly, freeing the memory resource, and the other difference is that session_unset () can manipulate the $_session array only during the SESSION life cycle, and unset () The $_session array can be manipulated throughout the page life cycle. Session_unset () also does not perform any IO operations, affecting only the $_session array.

Session life cycle (Session lifetime): Session Expiration time and expiration recovery mechanism
We start the initialization session until we unregister the session, called the Session life cycle
By default, PHP will save the session in the PHP.ini configuration Session.save_path set directory, the file name looks like this: sess_ves0d7uvdsab9k6sig73mnn592. Each of the files corresponds to a session. The session file format is roughly as follows:

Copy the Code code as follows:
Poll_200|i:1;poll_100|i:3; #变量名 | Type: Length: Value

Set the session life cycle:

The PHP session is cookie-based, so to set the session life cycle, first set the cookie expiration time. Because the session is useful when a client (such as a browser) logs on to a Web site, first the client has a cookie to find the file on the server through the session ID in the cookie.
Copy the Code code as follows:
Session_Start ();
$lifeTime = 24 * 3600; Save the day
Setcookie (Session_name (), session_id (), time () + $lifeTime, "/");

In fact PHP5 session also provides a function session_set_cookie_params (); To set the lifetime of the PHP5 session, the function must be called before the session_start () function call:
Copy the Code code as follows:
$lifeTime = 24 * 3600; Save the day
Session_set_cookie_params ($lifeTime);
Session_Start ();

On the server side, how does PHP determine if the session file expires?
Copy the Code code as follows:
Session.gc_maxlifetime = 1440 (initial value)
#设置session存活时间, the unit is seconds. Each time the GC is started, the Unix time that the session file was last accessed is obtained by stat, and the file is deleted if the current time minus the last access time between the files is greater than session.gc_maxlifetime.

If the "Last modified time" to "now" exceeds Session.gc_maxlifetime (default is 1440) seconds, that is, in the time set here, the file has not been modified, the session file is considered to be expired, Because the PHP5 session uses the passive recovery mechanism, the expired session file does not disappear itself, but by triggering "recycling" to process the expired session, then the next time the session is recycled, if the file is still not changed, The session file will be deleted (the session will expire).

When does session recycling occur?

By default, every PHP request will have a 1% probability of recycling, so it might simply be understood as "there may be one recovery probability per 100 PHP requests". This probability is controlled by the following parameters:

Copy the Code code as follows:
session.gc_probability = 1 (initial value)
Session.gc_divisor = 100 (initial value)
#由这二个函数决定了启用GC的概率, the default is 1/1000. That is, the GC recycle session is started once per 1000 user requests. It is not advisable to start the GC process too frequently. Sites that are accessed too frequently and have a large number of concurrent sites can reduce the frequency of PHP GC startup. PHP GC Recycling session will reduce the efficiency of PHP execution.

These two combine to start the Gabadge Collection (GC) process management probabilities at the beginning of the session (Session_Start ()). Gabadge collection to track session information file after startup. Its starting probability is session.gc_probability/session.gc_divisor. This means that not every session information file has 100% of the system treated as garbage. If you close the browser directly, the session information file in many cases are left on the server, if the probability of change to 100%, although Gabadge collection is fully activated, but this will add load to the server, also lost the meaning of the GC itself.

Additional notes:

1, assuming this situation session.gc_maxlifetime=1440, if the last modification time of a session file is 1440 seconds ago, then the next recovery (1/100 probability) occurs before the session is still valid;

2, if your session uses Session.save_path in the use of other places to save the session,session recycling mechanism may not automatically process the expired session file. At this time need to regularly manually (or crontab) Delete expired session:cd/path/to/sessions; Find-cmin +24 | Xargs RM;

3, note that when the server-side session file number is not effectively recycled, and gradually grow to GB or more of the level may be your site in access to the session will be more and more slowly, more commonly seen in the site login logout will be affected;

4, log, weekly, monthly report, etc. when we finally submitted the key, sometimes "invalid operation, please login and retry" and other messages, the reason is also self-evident, may be the session failure, GC clear those already "timed out" session file.

Some special cases:

Because the recycle mechanism will check the file's "Last Modified time", so if a session is active, but the content of session has not changed, then the corresponding session file has not changed, the recycling mechanism will consider this is a long time inactive session and delete it. This is something we don't want to see, and can be solved by adding the following simple code:
Copy the Code code as follows:
<?php
if (!isset ($_session[' last_access ')) | | (Time ()-$_session[' last_access ')) >120)
$_session[' last_access '] = time ();
?>//code will try to modify the session every 120 seconds

Understand the difference between a cookie and a session

The same point: you can solve the problem of HTTP stateless, so that the same client in the site to access multiple requests, you can save, set up information, and the request to establish a connection between things.

Different points: Simply say the cookie information is saved on the client, session information is saved on the server side.

Session using key-value pairs, that is, the ID of the client, and the value placed on the server side, the user's ID to find the corresponding value on the server, this way value placed on the server side, there is a time limit, time to the server automatically recycle/release.

Cookies have two methods, one is to save the value in the browser variable, when the browser closes, the other way is saved on the hard disk, as long as the time is not enough, the next time can be used.

Contact: When a client uses a cookie-based SessionID, SessionID is generally stored in a cookie.

Note: Cookies are shared between browsers of the same kernel, and different kernel browsers are not shared, such as Firefox and IE (storage locations are different and of course not shared). Different kernel browsers cannot share cookies and can also produce different sessionid.

Question 1: Why does the session expire after disabling cookies?

First of all: The session does not have to rely on cookies, except that PHP default client sessionid is stored in cookie-based manner.

Here, I think you should also understand that the default session of the PHP client save is based on cookies, so once the client disables cookies, then the session will be invalidated, do not know whether the description is appropriate, the vulgar state of things to change state, Only on both sides of the comparison, if the cookie to save the SessionID, the client side of the comparison conditions placed in the cookie, so the client-side disable cookie,session will also be invalidated. PHP's session Client ID typically has two ways of saving: cookie and URL. If you save the session ID in a cookie, you can see a phpsesid variable (which can be viewed via Firefox) in your browser's cookie. If the URL is passed (it is recommended to use a hidden form pass), you can see the shape: index.php? The URL of the phpsesid=ves0d7uvdsab9k6sig73mnn592. For example:
Copy the Code code as follows:
demo1.php
<?php
Session_Start ();
$_session[' blog ']= ' http://blog.php.net ';
echo "Test2";
?>

demo2.php
<?php
Session_Start ();
Echo ' SESSION value is '. $_session[' blog '];
?>

Run the above code, in the client cookie under normal circumstances, I can print out in demo2.php $_session[' blog ' value is: http://blog.php.net. However, now if you manually disable the client's cookie and then run the instance, you may not get the result. Because the default client-side SessionID is saved in a cross-page, the SessionID of the previous page is not read, when the session_start () is executed, a session file is generated and corresponding session ID is generated, using this session The ID is not the variable in the first session file mentioned above, because the session ID is not the "key" to open it. If the Session_Start (), preceded by the Code session_id ($sessionid), will not generate a new session file, directly read the session file corresponding to this ID. The simple is to get the session ID on the previous page, and then find a way to pass to the next page, the next page of Session_Start (), code before the code session_id (pass over the SessionID); For example:
Copy the Code code as follows:
demo.php
<?php
$sid = $_get[' sid '];
if (!empty ($sid)) {
session_id ($SID);
Session_Start ();
}else{
Session_Start ();
$sid = session_id ();
}
?>

demo2.php
<?php
$sid = $_get[' sid '];
if (!empty ($sid)) {
session_id ($SID);
Session_Start ();
}else{
Session_Start ();
$sid = session_id ();
}
$id = $_post[' id '];
$key = ' Poll_ '. $id;
if ($id! = ") {
echo $key = ' Poll '. $id;
if (!empty ($_session[$key])) {
$_session[$key]=$_session[$key] + 1;
}else{
$_session[$key]=1;
Setcookie ($key, $id +1,time () +3600*24);
}
Echo ';
}else{
Echo ';
}
?>

In addition, we can also store the client Phpsesid in a file, such as:
Copy the Code code as follows:
demo.php
Session_Start ();
$_session[' Blogdomain ']= ' http://blog.php.net ';
$sid =session_id ();
$FP =fopen ("D:\tmp\websid.txt", "w+");
Fwrite ($fp, $sid);
Fclose ($FP);
Echo ' Demo2 ';

demo2.php
$FP =fopen ("D:\tmp\websid.txt", "R");
$sid =fread ($FP, 1024);
Fclose ($FP);
session_id ($SID);
Session_Start ();
Print_r ($_session);

When the client disables cookies, there are several ways to change the session's dependency on the client cookie, leaving the session open to the client cookie:

1. Set session.use_trans_sid = 1 in php.ini or open the--ENABLE-TRANS-SID option at compile time to have PHP automatically pass the session ID across pages. When Session.use_trans_sid is valid, ession.use_only_cookies must be set to invalid 0.

2, manually pass the URL value, hide the form passed session ID.

3, file, database and other forms to save session_id, in the process of cross-page manual call.

PHP also provides a function:
Copy the Code code as follows:
Output_add_rewrite_var (String $name, String $value) # variable name variable value

Description: This function adds a name/value pair to the URL rewrite mechanism. This name value pair will be added to the URL (in the form of a Get parameter) and form (in the form of a hidden field in input) and can also be added to the session ID when transparent URL rewriting is opened with Session.use_trans_sid. Be aware that the absolute URL (http://php.net/.) cannot be overridden. The behavior of this function is controlled by the url_rewriter.tags php.ini parameter.

Copy the Code code as follows:
<?
Session_Start ();
Output_add_rewrite_var (' Phpsessid ', session_id ());
Echo ' demo ';
?>

This sessionid will follow the URL and the SessionID hidden value will appear in the From.

Change session Client ID Save method:

Session.use_cookies//control which method the client uses when saving SessionID, when it is "1", the session cookie is started (initial value is 1)
You can use the function we mentioned above to query to get the current session Id:echo $_cookie["Phpsessid"];
However, if the client's browser does not support cookies, even if the value of the session.use_cookies parameter equals "1", the query above will only get null.

Two configuration parameters in php.ini that are related to this option:
Copy the Code code as follows:
Session.use_cookies = 1//Whether to use cookies (the default value is 1)
Session.use_only_cookies=1//1 Only use cookies, 0 can use cookies and other methods, if the client cookie is available, then the session is the default cookie (default value is 1)

Note: If the customer's browser is cookie-enabled, "session.use_only_cookies = 1" is highly recommended, and when Session.use_only_cookies is valid, even if you want to pass the session via a URL The ID is also considered invalid, which can reduce the likelihood of being attacked by SessionID. Above two configurations, set the way in the PHP code page:
Copy the Code code as follows:
Ini_set (' session.use_cookies ', ' 1 ');
Ini_set (' session.use_only_cookies ', ' 1 ');

IE lost session, each refresh page, will generate a new SessionID (Firefox browser is normal)

If this problem occurs with your server or site, configure the Session.cookie_path site domain correctly if the configuration error can cause the following common failures:

(1) Each client of the PHPSESSID on the server side will be a one-to-one correspondence to generate a separate session record stored on the server side, so the server side session file redundancy will increase (GC recovery mechanism is abnormal, when the site traffic is large)

(2) Sites that use the session to record information may experience problems with browsers other than Firefox (Chrome not tested), such as: Shopping carts cannot record purchases, site login failures, etc.

Copy the Code code as follows:
Session.cookie_path refers to the site domain in which the session takes effect;
Session.save_path refers to the path where the session temporary files are stored.
Example: valid path for session.cookie_path=///cookie

Add: If all browser access refreshes generate new SessionID, check that the client has disabled cookies.

Session Simple Example

Use the session to prevent the form from repeating the submission:
Copy the Code code as follows:
<?php
Session_Start ();
$_session["num"] = 0;
if (Isset ($_post["action"] && $_post["action"]== "POST") {
if ($_session["num"] = = 0) {
echo "submitted successfully! ";
$_session["num"] = 1;
}else{
echo "Do not repeat submissions!" ";
}
}
?>

Use Session mode login Authentication Instance code:
Copy code code as follows:
<?php
Session_Start ();//start session, must be placed in the first sentence, Otherwise, there will be an error.
if ($_get[' out ']) {
unset ($_session[' id '));
unset ($_session[' Pass ');
}
if ($_post[' name ']&&$_post[' password ') {
//is used to set SESSION
$_session[' id ']=$_post[' name '];
$_session[' pass ']=$_post[' password ';
}
if ($_session[' id ']&&$_session[' pass ') {
echo "login succeeded!)
User id: ". $_session[' id ']."
User password: ". $_session[' pass ');
echo "
";
echo "Logout session";
}

?

Login authentication using cookies:
Copy the code code as follows:
if ($_get[' out ')} {//Used to unregister cookies
Setcookie (' id ', " ");
Setcookie (' Pass ', "");
echo ""; Because cookies are not effective in time, they only take effect when you refresh them again, so the page automatically refreshes when you log off.
}
if ($_post[' name ']&&$_post[' password ')//If the variable username and password exist, set the cookie below
{//For setting Cookies
Setcookie (' id ', $_post[' name '],time () +3600);
Setcookie (' Pass ', $_post[' password '],time () +3600);
echo ""; Allow cookies to take effect in a timely manner
}
if ($_cookie[' id ']&&$_cookie[' pass ')} {//cookies is successfully set up to display cookies
Echo login successful!
User name: ". $_cookie[' id ']."
Password: ". $_cookie[' pass ');
echo "
";
echo "Log off cookies";
}
?


Use session random code to verify voting legitimacy:
Copy code code as follows:
list.php Options Page
Session_ Start ();
$tokenKey = MD5 (rand (1,100));
$_session[' tokenkey '] = $tokenKey;
Note: Random code is passed in at the same time as the value $tokenkey

Vote.php Voting Action Execution page
$tokenKey = $_session[' Tokenkey ');
if ($_post[' tokenkey '! = $tokenKey) {//Determine if the random code is the same as the previous page
echo ""; Invalid random code
Exit
}else{
Perform voting operations;
Empty random code stored in session
}

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.