Some tips about HTTP request and response headers:
Host: the address (URL) of the site. Host is the address identifier that the browser provides to the server. Because the HTTP protocol is stateless, the server uses the Host value to determine which server the message is meant for.
Cookie: PHPSESSID=.... When the browser visits the website for the first time, the server places the session ID into a cookie, giving the session an identity. This ID identifies one session on one machine. In other words, the cookie stands for the session: whoever has the cookie can get the content of the session. This is a security risk for the site: for example, if login information and identity are stored in the session, then the cookie is the token of the login, and if the cookie is stolen, the login is stolen with it. This is session hijacking.
Workaround: use SSL to encrypt the header information. Disadvantage: SSL is a stateful connection, its resource consumption on the server is very large, and a server can only correspond to one IP (a proxy server cannot meet this requirement), so the maintenance cost is higher. At present, apart from banking systems, Gmail is a site that supports a full SSL implementation.
Location: records the redirect address for the current request. This is a temporary redirect: the request is not cached in memory, and the browser instead goes directly to the address that Location points to. Status code: 302 (301 for a permanent redirect).
X-Powered-By: displays the server's current runtime environment and version, such as PHP/5.2.5. Showing this item discloses server information; it can be turned off in php.ini: expose_php = Off
Functions:
session_start(): starts the session. Every page that uses the session must call this function, so the call can be placed in a commonly included file such as config.php.
function_exists(): determines whether a function is defined and returns a Boolean value.
htmlspecialchars(): escapes the special characters in its argument and returns the escaped string.
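
A config.php that narrows the session-cookie theft risk described under Cookie and drops the X-Powered-By header at runtime, as an added example (not code from these notes). It assumes PHP 7.3 or later and a site served only over HTTPS; `login_user()` and `current_user_id()` are hypothetical helper names.

```php
<?php
// config.php (added example): hardened session bootstrap.
// Assumptions: PHP 7.3+, HTTPS-only site, included before any output is sent.

// Refuse session IDs the server did not issue, and never accept them from the URL.
ini_set('session.use_strict_mode', '1');
ini_set('session.use_only_cookies', '1');

// Cookie attributes that limit where the PHPSESSID cookie can leak.
session_set_cookie_params([
    'lifetime' => 0,      // session cookie, dropped when the browser closes
    'path'     => '/',
    'secure'   => true,   // sent over HTTPS only, never in clear text
    'httponly' => true,   // not readable from JavaScript (document.cookie)
    'samesite' => 'Lax',  // not attached to cross-site subrequests
]);

// Runtime fallback for servers where php.ini still has expose_php = On.
header_remove('X-Powered-By');

session_start();

// Hypothetical helper: call once, right after the credential check succeeds.
function login_user(int $userId): void
{
    // Issue a fresh ID and delete the old session data file, so an ID
    // that was known before login is worthless afterwards.
    session_regenerate_id(true);
    $_SESSION['user_id']   = $userId;
    $_SESSION['last_seen'] = time();
}

// Hypothetical helper: returns the logged-in user id, or null when there is
// no login or the session has been idle longer than $maxIdleSeconds.
function current_user_id(int $maxIdleSeconds = 1800): ?int
{
    if (!isset($_SESSION['user_id'], $_SESSION['last_seen'])) {
        return null;
    }
    if (time() - $_SESSION['last_seen'] > $maxIdleSeconds) {
        $_SESSION = [];     // clear the data in this request
        session_destroy();  // and remove it on the server
        return null;
    }
    $_SESSION['last_seen'] = time();
    return (int) $_SESSION['user_id'];
}
```

The idle timeout shortens the window in which a copied cookie is still useful; the 1800-second default is a constructed value.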
PHP Learning Notes (v)