PHP Session configuration details (php.ini) tutorial

Session configuration instructions in php.ini

The following are the necessary configuration steps to enable the session to run

Manually Configuring the PHP runtime Environment, the most easily forgotten is the server-side session file storage directory configuration work, open php.ini file, search session, find Session.save_path, default value is/tmp, On behalf of the session file saved in the C:/tmp directory, the default TMP directory is not created, you can create a TMP directory under C disk, or create a different directory, such as LEAPSOULCN, and then modify the Session.save_path value, and remove;

Session.save_path = '/LEAPSOULCN ';

Precautions:

1, generally in order to ensure the security of the server, the Session.save_path value is best set to the external network can not access the directory, in addition if you are under the Linux Server for session configuration, please be sure to configure this directory for read and write permissions, Otherwise, an error occurs when performing a session operation.

2, in the use of session variables, in order to ensure the security of the server, it is best to set the register_globals to off, to ensure that global variables are not confused, in the use of Session_register () Registration session variable, you can pass the system global variables $_session to visit, for example, you register a LEAPSOULCN variable, you can access this variable by $_session[' LEAPSOULCN '. PHP environment variable $_server and system constants detailed description

Session.save_path configure additional documentation to be translated from the php.ini configuration file

You can use "N;" [MODE;] /path "This pattern defines the path, and N is an integer that represents a subdirectory with an n-level depth, rather than keeping all data files in one directory.

[MODE;] Optionally, you must use the 8 number and the default 600 (=384) to represent the maximum number of session files saved per directory. [MODE;] Does not overwrite the umask of the process. PHP does not automatically create these folder structures. Can be created using the mod_files.sh script in the Ext/session directory. If the folder can be accessed by insecure users (such as the default "/tmp"), a security vulnerability will be created. Automatic garbage collection will fail when n>0, as detailed in the garbage collection section below.

If you have multiple virtual hosts on your server, it is recommended that you set up separate directories for each of the different virtual hosts.

This is the most basic session configuration is complete, you just save php.ini, and restart Apache, you can use the session function.

Additional session configuration Instructions

Session.save_handler = "Files"

Default file access to session data, if you want to use a custom processor to access session data, such as databases, with "user".

Session.use_cookies = 1

Whether to use cookies to save session SessionID on the client, default to adopt cookies

session.use_only_cookies = 0

Whether to save session SessionID on the client only using cookies, this option allows the administrator to prevent the user from passing the ID through the URL, the default is 0, and if disabled, the client will prevent sessions from working if the cookie is disabled.

Session.name = "Phpsessid"

Session ID name to use as cookie name

Session.auto_start = 0

Whether to start the session automatically, the default does not start, we know that when using the session function, we basically in each PHP script head will be through the session_start () function to start the session, if you start this option, The session is automatically started in each script header, without the need for each script header to start session with the Session_Start () function, which is recommended to turn off this option and use the default value.

Session.cookie_lifetime = 0

Passing SessionID cookie validity (in seconds), 0 means only valid during browser opening.

session.gc_probability = 1

Session.gc_divisor = 100

Defines the probability of starting the garbage collector each time the session is initialized. The formula is as follows: Session.gc_probability/session.gc_divisor, such as 1/100, means that there is a 1% probability to start the garbage collector, the more frequent access to the session page, the probability should be smaller. The recommended value is 1/1000~5000.

Session.gc_maxlifetime = 1440

Sets the lifetime of the saved session file, and after this parameter is set seconds, the saved data is considered ' garbage ' and cleaned up by the garbage collector. The criterion is the last time the data is accessed (for the FAT file system is the last time the data was refreshed). If multiple scripts share the same Session.save_path directory but session.gc_maxlifetime differ, the minimum values in all session.gc_maxlifetime directives are the same.

If you set up a subdirectory to store the session data file in the Session.save_path option, the garbage collector does not start automatically, and you must use your own shell scripts, cron entries, or other methods to perform garbage collection.

For example, set "Session.gc_maxlifetime=1440″ (24 minutes):

Cd/path/to/sessions; Find-cmin +24 | Xargs RM

These are some common session configuration options, and more session configuration options indicate that you can refer to the instructions in the php.ini file.

So far In the php.ini configuration file to configure the session of the PHP tutorial is finished, through the steps above the practice and learning, the basic session function can be used, as for the performance of the session and other aspects of the need to be based on the server environment and needs of fine-tuning, this to their own experience.

Attach a table

[Session]
Session.save_handler = files; Control method for saving/retrieving data
Session.save_path = c:wintemp; Parameters passed to the controller when Save_handler is set as a file.
; This is the path where the data file will be saved.
Session.use_cookies = 1; Whether to use cookies
Session.name = Phpsessid
; The name of the session used in the cookie
Session.auto_start = 0; Initialize session at request start
Session.cookie_lifetime = 0; The save time for the cookie in seconds,
; or 0 o'clock until the browser is restarted
Session.cookie_path =/; Valid path for cookies
Session.cookie_domain =; Valid fields for cookies
Session.serialize_handler = PHP; The controller used to connect data
; PHP is the standard controller for PHP.
session.gc_probability = 1; In percent ' garbage collection (defragmentation) ' Process
; The possibility of starting each session initialization.
Session.gc_maxlifetime = 1440; After the number of seconds here, the saved data will be treated as
; ' Fragmentation (garbage) ' and cleaned out by the GC process.
Session.referer_check =; Check the HTTP reference to invalidate the IDs that are included in the URLs extra
session.entropy_length = 0; How many bytes are read from the file
Session.entropy_file =; Specifies that the session ID is established here
; Session.entropy_length = 16
; Session.entropy_file =/dev/urandom
Session.cache_limiter = NoCache; Set to {Nocache,private,public} to determine the HTTP
; Caching problems
Session.cache_expire = 180; Document is obsolete after n minutes
Session.use_trans_sid = 1; Use transitional SID Support if compile-time permission
; --enable-trans-sid
Url_rewriter.tags = "A=href,