In general, the user is tracked by a unique session IDpassed between the pages, and the session ID is taken to retrieve the sessions variable saved in the server. There are two main types of Session ID transfer methods.
The first method is to pass the Session ID in a Cookie-based manner, which is optimized but not often used because the user can block cookies on the client.
The second method is to pass the URL parameter and embed the session ID directly into the URL.
In the implementation of the session is usually a cookie-based approach, the client saves the session ID is a cookie. When the client disables the cookie, the session ID cannot be saved in the cookie, nor can it be passed between pages, when the session expires. However, the Cookie status can be checked automatically on the Linux platform, and if the client disables it, the system automatically attaches the Session ID to the URL for delivery. The use of Windows systems does not have this capability.
1. Pass the Session ID via a Cookie
If the client does not block cookies, the server automatically sends an HTTP header to save the session ID to the client computer's cookie after it is initialized in the PHP script via the session_start () function. The settings are similar to the following:
The process of setting the Session ID in virtual to cookie
1 |
setcookie(session_name(), session_id(), 0, ‘/‘ ) |
The first parameter calls the Session_name () function, which returns the name of the current session as the identity name of the cookie. You can call the Session_name () function again to provide a parameter to change the name of the current session.
The second parameter calls the session_id () function, which returns the current session ID as the value of the Cookie. You can also set the current session ID by calling the session_id () function when the parameter is supplied.
The third parameter has a value of 0, which is set by the Session.cookie_lifetime option in the php.ini file. The default is 0, which means that the Session ID will continue in the client's Cookie until the browser is closed.
The fourth parameter, "/", is also the value that is set by the Session.cookie_path option in php.ini by the value specified by the PHP configuration file. The default is "/", which means that the path to be set in the cookie is valid throughout the domain.
2. Pass the Session ID by URL
If the client browser supports cookies, the Session ID is stored in the browser as a cookie. However, if the user prohibits the use of cookies, there is no Session ID in the browser as a cookie, so cookie information is not included in the client request. If the session_start () function is called, the session ID of the Cookie cannot be obtained from the client browser, and a new session ID is created, and the user state cannot be tracked. Therefore, each time a user requests a PHP script that supports the session, the Session_Start () function creates a new session when the session is opened, thus losing the ability to track the user's state.
Another mechanism for tracking the Session is provided in PHP, and if the client browser does not support cookies, PHP can rewrite the client request URL to
The Session ID is added to the URL. You can manually add a Session ID to each hyperlink URL, which is a relatively large effort and is generally not recommended for this method. The code for its example is as follows:
123456 |
<?php //开启 session session_start(); // 在 URL 后面附加参数,变量名为session_name()获取的名称,值为session_id()获取 echo ‘<a href="test.php?‘ .session_name(). ‘=‘ .session_id(). ‘">演示</a>‘ ; ?> |
How to pass session ID in PHP