PHP set up a strict 30-minute expired session interview question 4 kinds of answers, session4 kind of _php tutorial

Source: Internet
Author: User
Tags php session

PHP set up a strict 30-minute expiration session interview question 4 kinds of answers, Session4 kind


Today, I'm sending a question on my Weibo:

In the interview, I often ask a question: "How to set up a 30-minute expired session?", we do not think it seems simple, here the bread contains a lot of knowledge, especially suitable for investigating the fundamentals is solid, who will answer to try? Oh

Why do you ask this question?

1. I saw someone talking about it on the StackOverflow.
2. Remember that I often ask this question, so ~ ~

Here, let me answer the question.

The first kind of answer

Then, the most common answer is: Set the session expiration time, that is session.gc_maxlifetime, this answer is not correct, for the following reasons:

1. First, this PHP is using a certain probability to run the GC of the session, that is, session.gc_probability and session.gc_divisor (Introduction see PHP using the session encountered a permission Denied notice solution), this default value is 1 and 100, which is 1% chance, PHP will run the session GC when a session is started. There is no guarantee that it will expire in 30 minutes.

2. What about a chance to clean up a large probability? Or is it inappropriate, why? Because PHP uses the stat session file modification time to determine whether or not to expire, if the increase of this probability will degrade performance, and secondly, PHP uses "a" file to save and a session-related sessions variable, suppose I set up 5 minutes ago a a=1 session variable, 5 minutes later set up a b=2 seesion variable, then the session file modification time is to add the time of the B moment, then a can not be in 30 minutes, was cleared. There is also a third reason.

3. PHP Default (Linux for example), is the default storage directory using/TMP as the session, and the manual also has the following description:

Note: If different scripts have different session.gc_maxlifetime values but share the same place to store session data, the script with the smallest values cleans up the data. In this case, use this directive with Session.save_path.

That is, if two applications do not specify their own independent Save_path, one set the expiration time is 2 minutes (assuming a), one set to 30 minutes (assuming B), then each time A's session GC runs, it will also delete the session that belongs to application B Files.

So, the first answer is not "completely strict" right.

The second kind of answer

There is also a common answer is: Set the session ID of the carrier, the expiration time of the cookie, that is, session.cookie_lifetime. This answer is also incorrect for the following reasons:

This expiration is only a cookie expires, in other words, it examines the difference between a cookie and a session, the session expires when the server expires, and the cookie expires in the client (browser) to ensure that even if you set a cookie expires, This only guarantees that the standard browser expires, does not send this cookie (contains the session ID), and if you construct the request, you can still use the value of the session ID.

The third kind of answer

Using Memcache, Redis, etc., Okey, this answer is a correct answer. However, it is clear that the question will continue to ask you, if you just use PHP?

Fourth kind of answer

Of course, the interview is not for you, but to examine the thoroughness of thinking. In this process I will suggest these traps, so in general, the practice of conforming to test instructions is:

1. Set the cookie expiration time to 30 minutes and set the session's lifetime to 30 minutes.

2. Add a time stamp for each session value.

3. Before each visit, determine the timestamp.

Finally, a classmate asked, why to set the expiration time of 30 minutes: this, first of all, this is for the interview, second, the actual use of the scene, such as 30 minutes on the expiry of the coupon?

Thanks:)


PHP session does not expire how to set expiration

PHP session would have expired AH (originally a session of the cookie, that is, close the browser, the session expires), if you want to force expiration, you can:

Setcookie (Session_name (), ", Time ()-3600);
Session_destroy ();

Both can be used at the same time.

Hope to be able to help you, if there are any questions, please leave a message.

How to set the session expiration time in PHP, I want to set in the code, not set in the Phpini

Try the Session_cache_expire

Example 1. Session_cache_expire () example

!--? php

/* Set the cache limiter to ' private ' */

Session_cache_limiter (' private ');
$cache _limiter = Session_cache_limiter ();

/* Set the cache expire to minutes */
Session_cache_expire (+);
$cache _expire = Session_cache_expire ();

/* Start the session */

Session_Start ();

echo "The cache limiter is now set to $cache _limiter</br>";
Echo "The cached session pages expire after $cache _expire minutes";
.
 

http://www.bkjia.com/PHPjc/854357.html www.bkjia.com true http://www.bkjia.com/PHPjc/854357.html techarticle PHP set up a strict 30-minute expired session interview question 4 answers, Session4 today on my Weibo issue a question: I in the interview, often asked a question: "How ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.