PHP SESSION cannot be passed across pages

Source: Internet
Author: User
Tags session id php session

Today want to use a session to achieve user login judgment, but also to the previous session of the inquiry, check the following data session operation mechanism is as follows:

The session is a server-side conversational mechanism, when the client's request server creates a session, the server will first detect whether the request contains a unique SessionID, if so, the server has created a session for the user, Simply follow the Sesionid to retrieve the user's session for the user to use, if there is no SessionID, the server will create a new user with a unique service SessionID session. Once created, the SessionID is returned to the client by the server and saved locally to the client.

Generally, the mechanism for saving the session ID is a cookie, but since the cookie can be banned by humans, it is guaranteed that the cookie will still be able to be used for sessions through the session, usually via URL rewriting, in the form of http://. /xxx;jsessionid= byok3vjfd75apnrf7c2hmdnv6qzcebzwowibyenlerjq99zwpbng!-145788764, another is appended to the URL as a query string and behaves as an HTTP ://.../xxx?jsessionid=byok3vjfd75apnrf7c2hmdnv6qzcebzwowibyenlerjq99zwpbng!-145788764 these two ways are no different to the user, Only when the server is resolved in a different way, the first way is also conducive to the session ID information and the normal program parameters to separate.
In order to maintain state throughout the interaction, the session ID must be included after each client may request a path.

In addition, there is a misunderstanding about the session failure:

When we talk about the session mechanism, I often hear a misunderstanding that "as soon as you close the browser, the session disappears." In fact, you can imagine the membership card example, unless the customer actively to the store to sell cards, otherwise the store will not easily delete customer information. For the session is the same, unless the program notifies the server to delete a session, or the server will remain, the program is generally in the user to log off when sending an instruction to delete the session. However, the browser will never proactively notify the server before shutting down, so the server will not have the opportunity to know that the browser has been shut down, the reason for this illusion is that most sessions use session cookies to save the conversation ID, and after closing the browser this The session ID disappears and the original session cannot be found when connecting to the server again. If the cookie set by the server is saved to the hard disk, or if a device is used to overwrite the HTTP request header sent by the browser, and the original session ID is sent to the server, the original session can still be found by opening the browser again.

It is precisely because closing the browser does not cause the session to be deleted, forcing the server to set an expiration time for seesion, when the client last time to use the session more than the expiration time, the server can assume that the client has stopped the activity, The session is deleted to save storage space.

All right, that's a lot of crap, say the solution to the missing session:

1, session_start (); should be placed to the top of the page as far as possible;

2, if php.ini inside does not configure session autostart, each session before, you have to manually open Session:session_start ();

3, the SESSION is the PHP inside the Super global variable, as $_get,$_post,$_server, so use must capitalize: $_session[' username ']= $username;

4. Cross-page Delivery Example: a.php page pass $_session[' username ' to b.php:

a.php:

<?phpsession_start (); $username =$_post[' username '];$_session[' username ']= $username;? >

b.php:

<?phpsession_start (); Echo $_session[' username '];? >

  

PHP SESSION cannot be passed across pages

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.