Novice rookie must read: Session and Cookie Difference _php Tutorial

Source: Internet
Author: User
Tags apache log
Session and Cookie are websiteThe two concepts, which are more common in browsing, are two concepts that are difficult to distinguish, but they are in the clickstream and based on the user's browsing behavior. websiteCritical in the analysis. Based on some of the articles and materials on the Internet, and the author's personal application Experience, the two concepts to do a simple elaboration and analysis, I hope to discuss with you.

The most important difference between a session and a cookie is that the session is stored in the server's memory, and the cookie is stored in the browser or client file; The session is an access-based process that records the start-to-end of an access, and when the browser or process is closed, The session is "gone", and the cookie is more used to identify the user, it can be long-term for users to track and identify unique users (unique Visitor).

about Session

The session is used to indicate a persistent connection state, which is generally referred to as the process from the client browser to the end of a Web site visit. The session is actually a Web Analytics Access (visits) metric that represents the process of an access.

The common implementation of the session is a conversation cookie, which is a cookie that does not have an expiration time, and the default lifetime of the cookie is the browser session, and the cookie disappears as soon as the browser window is closed. The implementation mechanism is when the user initiates a request, the server checks whether the request contains SessionID, and if not, the system creates an output cookie named Jsessionid that is returned to the browser ( memory only, not on the hard drive ), and writes it in the form of Hashtable to the server 's memory, and when the SessionID is already included, the service side checks to find the information that matches the session, and if so, uses the SessionID directly, Regenerate a new session if it does not exist. It is important to note that the session is always created by the server, not by the browser itself.

However, browser cookies are forbidden after the session will need to use the URL rewrite mechanism of the Get method or use the Post method to submit a hidden form to implement.

Here is a key point of note, that is, the setting of the session expiration time , there are two aspects: browser and server. For the browser side, the session is directly related to the access process, when the browser is closed, the session disappears, while the server -side session failure time is generally set to the purpose is to be able to periodically free up memory space, reduce the server pressure, the general setting for when the session is inactive up to 20 or 30 minutes to clear that session, so the browser and server side of the session does not disappear at the same time, the session of the interruption does not necessarily mean that the user must leave the Website . At present, both Google Analytics and Omniture define that when there is no action at the interval of 30 minutes, it counts as the end of a visit, so the last step in the session is not just to leave, but also to be stationary, dormant, or stunned.

It is also important to note that the current browser seems to tend to multi-process session sharing, that is, through multiple tabs or pages to open multiple processes to access the same Web site sharing a session cookie, only when the browser is closed to be cleared, That is, you may have closed the site in the tag, but as long as the browser is not closed and the server side session does not expire before restarting the site , then you will still use the original session to browse , while some browsers may open multiple pages to create a separate SESSION,IE8, chrome by default is a shared session, in the IE8 can be created through the menu bar of the file--new session to establish a separate session browsing page.

About Cookies

A cookie is a small piece of textual information that accompanies a user request and the page is passed between the Web server and the browser. Each time a user accesses a site, the Web application can read the information contained in the cookie.

The implementation mechanism of the session has been described in the common way is the use of Session cookies (sessions cookie), and generally speaking of the cookie mainly refers to another class of cookie--persistent cookie (persistent cookies). A persistent cookie is a cookie that is stored on the client's hard drive (with a certain expiration date set), and when a user accesses a website , the browser looks for a cookie associated with the site on the local hard drive. If the cookie exists, the browser sends it through the HTTP header information along with the page request to your site, and then the system will compare the properties and values in the cookie with the information stored on the server side, and determine the user as the "novice" or " Old customers. "

Persistent cookies typically save the user's user ID, which is sent by the server to generate a cookie containing the domain name and related information at the time of the user's registration or first login, and is placed on the client's hard disk file, and the expiration time of the cookie is set. To facilitate user's automatic login and website content customization.

Apache's Mod_usertrack module allows users to plant a unique cookie for the first time a user arrives at the current site (longer expires), a cookie that is the first time a user has come to the current site IP address plus a random string. At the same time in the custom Web log, the last addition of the%{cookie}n field enables the output of the cookie in the Apache log for data statistics and user tracking.

http://www.bkjia.com/PHPjc/328164.html www.bkjia.com true http://www.bkjia.com/PHPjc/328164.html techarticle Sessions and cookies are two of the most common concepts in web browsing, but they are also more difficult to distinguish between the two concepts, but they are in the click Stream and Web site analysis based on user browsing behavior ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.