Intelligent Podcast Session Management tutorial

Course Description:

1 loading the Web App resource file

2 Getting Started with cookies

3 Cookie Explanation

4 Cookie Case-user last access time 1

5 Cookie Case-user last access time 2

6 Cookie Case-Products viewed

7 Session Technical explanation

Play Address: http://www.php.cn/course/564.html

Instructor Characteristics: Rigorous thinking, serious, know how to grasp the key points, so that students know when the need to focus on memory, learning easy, fast learning.

Difficulty Analysis: cookie principle essentials;

Coookie and different points of the session;

Coookie and session when to use.

Courseware Download Address: http://www.php.cn/xiazai/code/2083

Because the HTTP protocol is stateless, the Web server considers every request to a user as a completely new request. But very

The requirements of a multi-Web application require that some information from the last request be saved. In order to solve this problem, the question of conversation and state management

The problem arises. In the video, the knowledge points include: sessions in the Web App session state, cookies, in the servlet program

The use of cookie,session,session in the typical case, Session of the persistence of management.

A session is a sequence of request and response processes that occur continuously between a client browser and a Web server. Web Apps

Session state refers to the state information generated by the Web server and the browser during the session, and with the use of Session state, the Web server can

A series of request and response procedures that belong to the same session are associated. For example, when a user logs in from the login page of a website,

When you go shopping on the shopping page, the server program that handles the purchase request must know the user who processed the last requested program

Information. Because the HTTP protocol is a stateless protocol, the Web server itself does not recognize which requests are made by the same browser

, every request from the browser is completely isolated. So Web server-side programs need to be able to distinguish from a large number of request messages

The request message belongs to the same session, that is, can identify the access request from the same browser, which requires the browser to send each

Each request message is identified, and the request message that belongs to the same session comes with the same identification number, and the request that belongs to a different session

The message always comes with a different identification number, which is called the session ID (SessionID). SessionID is generated by the server

and passed to the browser, if the client to receive and back to the server for authentication requires the appropriate mechanism, which is

Cookie technology, which not only can receive and save the corresponding session information temporarily, but also can record on the client hard disk for a long time.

SessionID can be passed in the request message not only through the technology of the cookie, but also as an additional parameter of the request URL.

Passed. SessionID is a unique codename assigned by the Web server to each client browser, which is typically received on the Web server

The first time a browser is accessed, and is sent to the browser along with the response message. The session process is performed by the Web server-side

The program opens, and once a session is opened, the server-side program creates a separate storage structure for this session to save the

, access requests in the same session can and only access state information in the storage structure that is part of the session.

A cookie is a technique that maintains HTTP status information on the client, which is like a discount card issued by a mall. Cookies are viewed in the

When accessing a resource from a Web server, the Web server sends a piece of data to the browser in the HTTP response message header,

The data that the Web server transmits to each client browser can vary. Once a Web browser has saved a cookie,

It should then pass this cookie back to the Web server in the HTTP request header each time it accesses the Web server. Web Service

The Set-cookie response Header field in the HTTP response message sends the cookie information to the browser, which

Add the cookie Request header field to the HTTP request message to pass the cookie back to the Web server. A cookie can only identify one type of information

, it contains at least one name and set value (value) that identifies the information. A Web site can send a web browser

Send multiple cookies, a Web browser can also store cookies provided by multiple Web sites.

The Set-cookie and Set-cookie2 header fields can be used in the program to specify the cookie content that the Web server transmits to the client

, the two are only using different specifications, but the syntax and function of the two are similar. The appropriate response can be selected based on the browser's support situation

Header field. The cookie content set in the Set-cookie2 header field is a string of a certain format that must be in the name of the cookie

and set the value beginning with the format "name = value", followed by 0 or more semicolons (;) and spaces separated by other optional attributes,

The property format is typically "Property name = value".

Finally, the request header field of the browser callback cookie is explained. The browser uses the cookie Request header field to echo the cookie information

to the Web server. Multiple cookie information is sent back to the Web server via a cookie request header field. Does the browser send a

Cookie information is determined according to the following rules:

1. Whether the requested host name matches the domain property of a stored cookie

2. Whether the requested port number is in the Port property list of the cookie

3. Whether the requested resource path is in the directory and subdirectory specified by the Path property of the cookie

4. Whether the cookie has expired in the cookie Request header field between each cookie with a comma (,) or semicolon (;)

Every In addition to the "name = value" setting in the cookie Request header field, you can also have version, Path, Domain, Port

And so on several attributes. However, if you want to set the properties of version, Path, Domain, Port, and so on, you need to add one before the property name

The "$" character is prefixed, and the version property can only occur once, and is at the top of the cookie Request header field setting value.

If you need to set the Path, Domain, port, and other attributes of a cookie information, they must be located in the "name of the cookie Information" =

Value is set. The path property needs to be aware that the cookie that the attribute points to a subdirectory is placed in the Path property that points to the parent directory.

Cookie before. For example: Cookie: $Version = 1; Course=java; $Path =/it315/lesson; COURSE=VC;

$Path =/it315. The cookie complies with the above restrictions. A specific example is shown in the video tutorial:

Code one:      cookie ckname = new Cookie ("name", name);       Cookie cknickname = new Cookie ("nickname", nickname);       Cknickname.setmaxage (365*24*3600);       Cookie Ckemail = new Cookie ("email", "test1@it315.org");       Cookie Ckphone = new Cookie ("Phone", "1111111");       Response.addcookie (ckname);       Response.addcookie (cknickname);       Response.addcookie (ckemail);       Response.addcookie (Ckphone);

Code two:      String lastnickname = null;       Cookie [] cks = Request.getcookies ();       for (int i=0; cks!=null && i<cks.length; i++) {          if ("nickname". Equals (Cks[i].getname ())) {              Lastnickname = Cks[i].getvalue ();              break;            }       }        if (lastnickname! = null) {      out.println ("Welcome you," + Lastnickname);      }

One of the above code snippets is the creation of four name, nickname, email, phone cookie information. Name and

Nickname The value of these two cookies is set by the request parameter, and nickname the cookie remains valid for a period of 1

The value of the two cookies for email and phone is specified in the program by hard coding. Code snippet in the second is to generate cookie information

The cookie information named nickname is then looked up from the request message and the corresponding greeting is printed based on the returned result.

The value of the cookie header field in the request message is also printed in the fragment.

Learn about the concept of sessions and cookie technology, followed by a detailed introduction to the session and a sample demonstration. This video mainly explains

What is the session, the tracking mechanism of the session, the timeout management of the session, the method in the HttpSession interface,

The session method in the HttpServletRequest interface, the comparison of the properties of the application and the session domain, and the utilization

The cookie implements session tracking and uses URL rewriting to implement session tracking. These technologies are often used in the future.

Both the cookie and the additional URL parameters can be used to pass the state information of the last request to the next request, but if you pass

More state information, will greatly reduce the network transmission efficiency and increase the difficulty of server-side program processing, in order to solve this problem,

The session technology is produced. Session technology is a technology that saves conversation state on the server side. During the session, the guest

Session identification number that the client needs to receive, memorize, and send back sessions, which can and usually be passed with a cookie.

Identification number. As you can see, cookies and sessions often work together to solve the stateless nature of the HTTP protocol.

。 With the concept of session, it is necessary to implement the program, and then let the server can successfully track the specific session.

In the Servlet API specification, a httpsession interface is defined, and the HttpSession interface defines a variety of management and operation

The method of the spoken state. The HttpSession object generated by the Web server is the storage structure that keeps the session state information, a client

The Web server side corresponds to a separate HttpSession object. The Web server does not create when the client begins to access it

HttpSession object, the Web application will only be able to access a servlet program that can open a session with the client.

Build a HttpSession object that corresponds to the client. The Web server assigns each HttpSession object a unique

The session identification number, which is then passed to the client in the response message. The client needs to remember the session ID number and

The session ID is routed to the Web server for each subsequent access request, and the Web server-side program is based on the session ID of the callback

The HttpSession object that the request is made from, and then selects the corresponding Because the server-side funding

The source is limited and cannot be saved indefinitely, so the Web application creates a HttpSession object that corresponds to a client.

HttpSession object, the HttpSession object resides in the Web server as long as there is no more than a qualifying idle time period

The client then accesses any servlet program, which uses the existing one corresponding to the client

The HttpSession object. A setattribute method is specifically defined in the HttpSession interface to store objects in

HttpSession object, a getattribute method is also defined to retrieve the objects stored in the HttpSession object,

The objects that are stored in the HttpSession object can be shared by the handlers of the individual requests that belong to the same session.

The server resources mentioned earlier are limited, and the Web server cannot determine whether the current client browser will continue to access or not

The client browser is turned off, so that even if the client has left or closed the browser, the Web server will retain its

The corresponding HttpSession object. However, as time goes on, new access clients are added, and the Web server memory will

As a result, a large number of HttpSession objects that are no longer being used are accumulated and will eventually result in server memory exhaustion. Therefore, the Web server

Use the "time-out limit" method to determine whether the client is still in the access, if a client does not have a certain amount of time to send

A subsequent request, the Web server considers that the client has stopped the activity, ends the session with the client and will correspond to the

HttpSession objects into garbage. If the client browser times out and then makes an access request again, the Web server considers this to be a

The beginning of a new session, a new HttpSession object is created for it and a new session identification number is assigned. Although there will be a few occurrences

The same session, but produces two times the HttpSession object, but in contrast to a large number of normal access requests, this situation is basically

can be ignored. In the Servlet API, the time-out interval for a session can be set in the Web. xml file, and its default value is determined by the servlet

Definition of the device.

    such as:<session-config>              <session-timeout>30</session-timeout>          </session-config>

Here is a small example of the video to illustrate the use of the session to implement the shopping cart:

      String courseselect = Request.getparameter ("course");      if (courseselect! = null) {          vector vcourses = (vector) session.getattribute ("courses");          if (vcourses = = null) {              vcourses = new Vector ();              Vcourses.add (courseselect);              Session.setattribute ("courses", vcourses);          }          else{              if (Vcourses.contains (Courseselect)) {                  out.println (sessionname +), you have previously selected "+                              Courseselect +" 
The above code first determines whether the access request is from a logged-on user, and if not, redirects the request to the Logon.html page

Surface. Then determine whether the current access request is issued when the user chooses the course, and if so, add the user-selected course to the cart

。 Finally, a list of all selected courses and a list of courses that have been placed in the shopping cart is displayed.