Details about the PHP session storage method. Check whether the session is enabled automatically or manually through session_start ():; specify whether the session module automatically starts a session when the request starts. The default value is 0 (not started). check whether the session is automatically enabled or manually enable it through session_start:
; Specifies whether the session module automatically starts a session when the request starts. The default value is 0 (not started)
; Initialize session on request startup.
Http://php.net/session.auto-start
Session. auto_start = 0
On the client side, sessions can be stored in cookies or obtained through URL parameters. Server-dependent configuration:
; Specifies whether to use cookies on the client to store Session IDs. The default value is 1 (enabled)
; Whether to use cookies.
Http://php.net/session.use-cookies
Session. use_cookies = 1
; Specifies whether to use cookies only on the client to store Session IDs .. Enabling this setting prevents attacks related to passing session IDs through URLs.
; This option forces PHP to fetch and use a cookie for storing and maintaining
The session id. We encourage this operation as it's very helpful in combatting
; Session hijacking when not specifying and managing your own session id. It is
; Not the end all be all of session hijacking defense, but it's a good start.
Http://php.net/session.use-only-cookies
Session. use_only_cookies = 1
If you confirm that the session is stored in the cookie, you can configure the configurations of the session stored in the cookie, such as cookie_name, cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
; Name of the session (used as cookie name ).
Http://php.net/session.name
Session. name = PHPSESSID
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
Http://php.net/session.cookie-lifetime
Session. cookie_lifetime = 0
; The path for which the cookie is valid.
Http://php.net/session.cookie-path
Session. cookie_path =/
; The domain for which the cookie is valid.
Http://php.net/session.cookie-domain
Session. cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting versions as JavaScript.
Http://php.net/session.cookie-httponly
Session. cookie_httponly =
On the server side, you can also store sessions in multiple ways. The default session is stored in the file. session. save_path is the path for creating the storage file.
; Handler used to store/retrieve data.
Http://php.net/session.save-handler
Session. save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; Where data files are stored. Note: Windows users have to change this
; Variable in order to use PHP
'S session functions.
;
; The path can be defined:
;
; Session. save_path = "N;/path"
;
; Where N is an integer. Instead of storing all the session files in
;/Path, what this will do is use subdirectories N-levels deep, and
; Store the session data in those directories. This is useful if you
; Or your OS have problems with lots of files in one directory, and is
; A more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose
; Use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
; Session. save_path = "N; MODE;/path"
;
; Where MODE is the octal representation of the mode. Note that this
; Does not overwrite the process's umask.
Http://php.net/session.save-path
; Session. save_path = "/tmp"
PHP supports the use of session_set_save_handler to implement custom open, close, read, write, destroy and gc processing functions of the session processor. Common session processors include memory allocation (such as mm, you can also use a database for storage. It can be seen that if Session storage and file systems (such as using PostgreSQL Session Save Handler or default file storage files) need to work together, in this case, the custom session processor may lose the session that has not stored data. If the memory type is used for storage allocation, session persistence storage needs to be considered.
Next we will focus on memcache (d ?) Session processor.
The Memcache module provides convenient process-oriented and object-oriented interfaces for memcached. memcached is a resident process cache product generated to reduce the workload of dynamic web applications loading data from databases.
The Memcache module also provides a session processor (memcache ).