PHP session_id () function in detail, session ID generation process and Sessions ID length _php instance

Source: Internet
Author: User
Tags function prototype php session
PHP session_id () function prototype and description session_id () function Description: stringsession_id ([string$id]) session_id () can be used to get/set the current session ID. In order to be able to attach the session ID to the URL conveniently, you can use the constant SID to get the string in the cell ...

PHP session_id () function prototype and description

SESSION_ID () function Description:

String session_id ([string $id])

SESSION_ID () can be used to get/set the current session ID.

In order to be able to attach the session ID to the URL conveniently, you can use the constant SID to get the session name and ID expressed in string format. Please refer to session processing.

session_id () function parameters:

Id

If the value of the ID parameter is specified, the specified value is used as the session ID. You must call the session_id () function before calling the Session_Start () function. Different session managers have different restrictions on the characters that can be used in the session ID. For example, the file session Manager allows only the following characters to be used in the session ID: A-Z 0-9, (comma) and-(minus)

Note: If the session ID is transferred using a cookie, and the ID parameter is specified, a new cookie is sent to the client after calling Session_Start (), regardless of whether the current session ID and the newly specified session ID are the same.

session_id () function return value:

SESSION_ID () returns the current session ID. If no session is currently present, an empty string ("") is returned.

How the PHP session ID is generated and the session ID length

A visitor visiting your Web site will be assigned a unique ID, which is called the session ID. This ID can be stored in a cookie on the client side, or it can be passed through a URL. Session sessions are used to track each user's session and are identified using server-generated SessionID to differentiate users. The session is stored in the server's memory and SessionID is stored in the server's memory and in the client's cookie. In this way, when the user makes a request, the server makes a comparison between the SessionID recorded in the user's cookie and the SessionID in the server memory, thus finding the user's corresponding session to operate. Therefore, if the client prohibits cookies, the session cannot be used.

How is the PHP session ID generated? Introduction to PHP default session ID generation algorithm

Take php5.3.6 source code as an example, enter the/ext/session directory, the function of generating session ID is located in the 345 line of session.c file, the C function prototype is as follows:

Phpapi Char *php_session_create_id (Ps_create_sid_args);

Interested can be specific analysis of the implementation of the principle.

PHP Default session ID length

Intercept some of the actual PHP 5.4.6 server generated session ID as follows:

Sess_00nrqa20hjrlaiac0eu726i4q5 sess_89j9ifuqrbplk0rti2va2k1ha0 SESS_G2RV1KD6IJSJ6G6C9JQ5MQGLV5
Sess_04es72a83tqsl0jqd3cvrc4s01 sess_8b7a5lme60g49lvk4u4jiemdn1 Sess_g3uk6d3gbashg5eoq0b2k7vsk0
Sess_04u0ns0oobh2g93t009bij2rq0 SESS_8DFVKIV8ML44FDQRK1RCMJCHS4 Sess_g64tddhbo8pbj8bs7bel44rf35
Sess_0592dolr5m0k392fah6c9preg7 sess_8fhgkjuakhatbeg2fa14lo84q1 sess_g6kl828qqsnvdrse7ff52cl2a4
Sess_066g8irr0m22iqotscepub4e13 sess_8gn03i9j1tta7655qfj6nl1l53 Sess_g8t45j6qce7mf55nk14cotj5i4
sess_08nr1fav9jqs2pdi5qlpsmd247 Sess_8gvu05313o7p9usksaacaiegu6 sess_gbtjmr57iat86c8ve86ar5nh30

It can be seen that the specific session ID is the section after "Sess_", the length is 26 bits, this length is limited to PHP 5.4.6.

Examples of PHP session_id () Usage code are:

Output session_id () detail code:

<?php  session_start ();  Echo session_id ();  Output 08nr1fav9jqs2pdi5qlpsmd247?>

Set the session_id () detail code:

<?php  session_id ("www.169it.com");  Session_Start ();  Echo session_id ();  Output www.169it.com?>
  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.