< original > A string of simple code Session,cookie,$_session,$_cookie relationship issues

Source: Internet
Author: User

    

What is the result of the above code?

a.php://Error

The value of this page is not difficult, will be reported a notice ( Undefined index:a) error, because the return value of the cookie has a slow beat characteristics, in the page after the setting of Setcookie, when the user access, The cookie key value pair should be included in the HTTP response header to return to the client, when the next time you visit, the browser will have the cookie value of the request header request server, the server will know that the current client exists this cookie value, and then use other business logic.

b.php://ABC

The value of this page is ABC, but I was surprised to see the answer for the first time.

In fact, the principle is this:

We have been confused with cookie/session,$_cookie/$_session, in fact, these four (two groups) are independent, cookie/session is the value of the HTTP, $_cookie/$_ The session is a global variable that belongs to PHP. When we setcookie, we actually assign a value to the cookie in HTTP, and the cookie in HTTP is associated with the $_cookie in PHP. That's why $_cookie has the value ABC. , it is not directly assigned to the $_cookie Super global variable. So the same is true, unset ($_cookie) destroys the variable $_cookie, regardless of the value of the COOKIE in the HTTP header, so the b.php can still be printed.

The solution is Setcookie (A, ',-1) Set this cookie to expire, so b.php can no longer get it.

-----------------------------------Split Line-----------------------------------------

The same principle can be used in the session mechanism,

In this image, it is possible to print out the value of $_session, because Session_destroy separates the session in HTTP from the $_session of the hyper-global variable, as described in the manual

Session_destroy the relationship between the session and the $_session, if you want to re-restore the function of the session function, you will have to reopen the session_start ();

Then the value of the session will be deleted, then the value of the $_session Super global variable associated with it disappears.

Summarize:

    • Session_unset destroys not $_session this variable value (unlike the unset function, which unset directly manipulate the variable), but rather the session value in HTTP. Specifically, you can open and not open the Session_ Start and then session_unset the experiment.
    • $_session/session value, $_cookie/cookie value is not equivalent, cookie/session operates the $_cookie/$_session variable value, so be sure to understand when doing the function operation, Whether he is operating on a variable or an HTTP protocol!
    • The policy of making a cookie expire is to expire it.

Welcome reprint, but be sure to save the original site + author

Author: Php Program fetish-Demon all Xiao Chen

Original address: http://www.cnblogs.com/gzchenjiajun-php/p/5036462.html

< original > A string of simple code Session,cookie,$_session,$_cookie relationship issues

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.