I. problem origin
Websites with a slightly larger size usually have several servers. each server runs modules with different functions and uses different second-level domain names. The User System of a website with a strong integrity is unified, that is, a user name and password can be used to log on to each module of the entire website. Sharing user data between servers is easy to implement. you only need to set up a database server on the backend. each server can access user data through a unified interface. However, there is still a problem, that is, the user still needs to log on again after logging on to the server and entering another module of the server. this is a logon and all traffic problems, ing to the technology is actually a question about how each server shares SESSION data.
II. working principles of PHP sessions
Before solving the problem, let's take a look at the working principles of the php session. When a client (such as a browser) logs on to a website, you can use session_start () to open the SESSION on the Accessed PHP page, this will generate a unique session id of the client (this ID can be obtained/set through the session_id () function ). The session id can be retained on the client in two ways, so that the PHP program can obtain the session id of the client when requesting different pages; one is to automatically add the session id to the get url or the POST form. by default, the variable name is PHPSESSID, and the other is through COOKIE, save the session id in the COOKIE. by default, the COOKIE name is PHPSESSID. Here we mainly describe the COOKIE method, because it is widely used.
Where can SESSION data be stored? Of course, it is on the server side, but not stored in the memory, but saved in a file or database. By default, php. the SESSION storage method set in ini is files (session. save_handler = files), that is, SESSION data is saved by reading and writing files, and the SESSION file directory is saved by session. save_path is specified. the file name is prefixed with sess _ and followed by SESSIONID, for example, sess_c000065af28a8b14c0fe11afe3b59b51b. The data in the file is the serialized SESSION data. If the traffic volume is large, many SESSION files may be generated. you can set a hierarchical directory to store SESSION files, which improves the efficiency. the setting method is session. save_path = "N;/save_path", where N is the classification level, and save_path is the start directory. When writing SESSION data, PHP will get the SESSION_ID of the client, and then find the corresponding SESSION file in the saved Directory of the specified SESSION file based on the session id. if the SESSION file does not exist, it will be created, finally, the data is serialized and written to the file. Reading SESSION data is a similar operation process. The read data needs to be deserialized to generate the corresponding SESSION variable.
III. main obstacles and solutions to multi-server SESSION sharing
By understanding the working principle of the SESSION, we can find that by default, each server generates SESSIONID for the same client, for example, for the same user browser, the session id generated by server A is 30de1e9de3192ba6ce2992d27a1b6a0a, while that generated by server B is c000065af28a8b14c0fe11afe3b59b51b. In addition, the SESSION data of PHP is stored in the file system of the current server.
After confirming the problem, you can start to solve it. To share SESSION data, you must achieve two goals: one is that the SESSION IDs generated by each server on the same client must be the same and can be transmitted through the same COOKIE, that is to say, each server must be able to read the same COOKIE named PHPSESSID; the other is the SESSION data storage method/location, which must be accessible to each server. Simply put, multiple servers share the session id of the client, and must also share the SESSION data of the server.
The implementation of the first target is actually very simple. you only need to set the COOKIE domain. by default, the COOKIE domain is the domain name/IP address of the current server, if the domain is different, the cookies set by each server cannot access each other. for example, the server www.aaa.com cannot read or write the cookies set by the server www.bbb.com. The servers of the same website have their own particularity, that is, they belong to the same level-1 domain. for example, tieba.xiaoyuan.com and www.xiaoyuan.com both belong to the domain .xiaoyuan.com, then we can set the COOKIE domain to .xiaoyuan.com, so that tieba.xiaoyuan.com and www.xiaoyuan.com can all access this COOKIE. The setting method in PHP code is as follows:
<?phpini_set('session.cookie_domain', '.xiaoyuan.com');?>
In this way, each server shares the same client session id.
The second goal can be implemented using the file sharing method. There are two solutions: Data Inventory session and memcache trial. Here we use MEMCACHE to solve the problem.
I am using the thinkphp framework and have supported memcache access to Sessions. after the memcache server is configured, you only need to set the IP address and port of memcache in the configuration file, and then specify the COOKIE_DOMAIN parameter. then, you can operate on the session normally, now you can share sessions with multiple domain names.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
