Php Session control cookie and Session processing. In php, cookies and sessions are usually used to register Login and record user information. However, cookies and sessions are very different. let's take a look at them. Session introduction: HTTP (in php, cookies and sessions are usually used to register logon and record user information. However, cookies and sessions are very different. let's take a look at them.
Session introduction: HTTP (Hypertext Transfer Protocol) defines the transmission of text, graphics, videos, and all
All other data rules. HTTP is a stateless protocol, indicating that each request is processed with the previous or subsequent
The request is independent. Although this simplification has made outstanding contributions to the popularization of HTTP
For Web application developers, this is a bit of a problem. To solve this problem
A small amount of information (cookies) is stored on the machine ).
Due to cookie size restrictions, quantity, and other reasons, developers propose another solution: session
Processing.
1. Cookie
Application
Set cookie: the setcookie () function can generate a cookie file on the client, which can be saved
Time, name, value, and so on.
Create cookie
The code is as follows: |
|
Setcookie ('name', 'Lil', time () + (7*24*60*60); // set a cookie with an expiration time of 7 days. ?>
|
Parameter 1: cookie name
Parameter 2: cookie value
Parameter 3: cookie expiration time
View cookie
Open Firefox: Tools-page information-security-View cookie to view the current cookie information
Read cookie
The code is as follows: |
|
Echo $ _ COOKIE ['name']; ?>
|
Delete cookie
The code is as follows: |
|
Setcookie ('name ',"); Setcookie ('name', 'Lil', time ()-1 ); ?>
|
Cookie usage restrictions
1. it must be set before HTML file content output;
2. different browsers may encounter inconsistent processing of cookies and sometimes incorrect results.
3. restrictions are imposed on the client. A browser can create up to 30 cookies, and each Cookie cannot
More than 4 kB, each WEB site can set a total of 20 cookies.
II. Session
Session processing
When session processing is used, you must start the session and start the session with session_start.
Create a session and read the session
The code is as follows: |
|
Session_start (); $ _ SESSION ['name'] = 'Lil '; Echo $ _ SESSION ['name']; ?>
|
Determine whether a session exists
The code is as follows: |
|
Session_start (); $ _ SESSION ['name'] = 'Lil '; If (isset ($ _ SESSION ['name']) { Echo $ _ SESSION ['name']; } ?>
|
Delete session
The code is as follows: |
|
Session_start (); $ _ SESSION ['name'] = 'Lil '; Unset ($ _ SESSION ['name']); Echo $ _ SESSION ['name']; ?>
|
Destroy all sessions
The code is as follows: |
|
Session_start (); $ _ SESSION ['name'] = 'Lil '; $ _ SESSION ['name2'] = 'Lil '; Session_destroy (); Echo $ _ SESSION ['name']; Echo $ _ SESSION ['name2']; ?> |
Differences and relationships between cookies and Sessions
• Storage location:
1. the session is stored on the server. you can configure the session configuration in php. ini.
2. cookies are stored on the client (in fact, there are two types:
1. Persistent cookie: sets the cookie Time, which exists on the hard disk as a file,
2. the session cookie does not set the cookie time. the lifecycle of the cookie disappears before the browser is closed. it is generally not stored on the hard disk but stored in the memory)
Relationship between cookie and session
The cookie is sent through the http header:
Cookie name = PHP % BB % B4 % B1 % B1; PHPSESSID = cpt2ah3pi4cu7lo69nfbfllbo7
PHPSESSID is an important parameter of the session associated with the server.
Check the session File: sess_cpt2ah3pi4cu7lo69nfbfllbo7.
The format of session_id is: sess _ plus the value of PHPSESSID.
We can understand this as follows:
When the program needs to create a session for a client request, the server first checks whether the client request contains a session id (called session id ), if it already exists, it indicates that a session has been created for this client. then, the server retrieves and uses this session according to the session id (a new session will be created if it cannot be retrieved ), if the client request does not contain the session id, the client creates a session and generates a session id associated with the session. the session id value should be unique, the session id is returned to the client for saving in this response. The cookie can be used to save the session id, so that the browser can automatically send the id to the server according to the rules during the interaction. Generally, the cookie name is similar to SEEESIONID.
Session and cookie configurations in php. ini
1, session. use_cookie = 1
Whether to use the Cookie method to pass the session id value. The default value is 1, indicating that it is enabled.
2, session. name = PHPSESSID
You must use a key value to pass sessioin_id through the Cookie or GET method. Their formats are Cookie: sess_name = session_id; and/path. php? Sess_name = session_id, where sess_name is specified here.
3, session. use_only_cookies = 0
Indicates that only session IDs are transmitted using the Cookie method. As we have said, in addition to cookies, there are also GET methods. the GET method is insecure. When the cookie is disabled on the user side, session_id is transmitted using the GET method. you can use the GET method to pass session_id through this setting.
4. session. cookie_lifetime = 0, session. cookie_path =/, and session. cookie_domain =
If you use the Cookie method to pass session_id, the valid cookie domain, directory, and time are specified here. Corresponds to the $ expire, $ path, and $ domain parameters of the setcookie () function. Cookie_lifetime = 0 indicates that the Cookie is not deleted until the browser is closed. You can also use the session_set_cookie_params () function to modify these values.
5, session_name ([string $ name])
Obtains or updates session_name. If the name is passed, the default name PHPSESSID (specified by session. name) is not used. Otherwise, the current session_name is obtained. Note: If session_name is set, the call takes effect only before session_start.
6, session_id ([string $ id])
Similar to session_name (), but it is the method for reading or setting session_id. Similarly, if session_id is set, it must be called before session_start.
7. session_set_cookie_params () and session_get_cookie_params ()
Session_set_cookie_params () allows you to reset the three php. ini settings: session. cookie_lifetime, session. cookie_path, and session. cookie_domain. Session_get_cookie_params () is used to obtain these set values.
Here I made a special table and summarized their differences and similarities:
Bytes. Session introduction: HTTP (hyper text...