PHP session some basic knowledge _php tutorial

In PHP, the session is a server global variables can be implemented between the page passed, so the session is often used for server-side user login verification, session security is very high, let me introduce the basic knowledge of PHP session.

What do you think of the session? Do not know if you have studied, today Dahne PHP training teachers want to share some about this aspect of the content, I hope you can enjoy.

How long is the session's life cycle?

1 The browser ends at the end of its life cycle, but the archive still exists in/tmp/(Sess_???)

2 The next time you re-open the browser will be reassigned SessionID, if you use session_id () to bring back the previous ID, you will read the remaining in/TMP Sess_???, Retrieve all the parameters you have set before

3 You can modify the duration of the session file in PHP.ini.

Session.gc_maxlifetime = 1440; After this number of seconds, stored
Data would be seen as ' garbage ' and
Cleaned up by the GC process
The default is 1440 seconds, 24 minutes

Storage path issues noted with session

Look at the settings for the session in PHP.ini.

[Session]
Session.save_handler = files; Handler used to Store/retrieve data
Session.save_path =/tmp; Argument passed to Save_handler
In the case of files, the
path where data files are stored

The default is in the/tmp directory, this directory is not necessarily true AH!!! It's best to change your PHP installation path, such as c:/php

Thorough understanding of PHP session Mechanism 1.session.save_handler = files

* 1. Session_Start ()
1. Session_Start () is the beginning of the session mechanism, it has a certain probability to turn on garbage collection, because the session is stored in the file,
PHP itself garbage collection is not valid, the session of the recycling is to delete files, this probability is based on the configuration of PHP.ini,
However, some systems are session.gc_probability = 0, which means that the probability is 0, but instead of using a cron script to implement garbage collection.

session.gc_probability = 1
Session.gc_divisor = 1000
Session.gc_maxlifetime = 1440//Expiration time default 24 minutes
The probability is session.gc_probability/session.gc_divisor result 1/1000,
It is not recommended to set too small because the session garbage collection is required to check whether each file is out of date.
Session.save_path =//As if different systems are not the same by default, one setting is "N;/path"
This is a random tiered storage, this kind of word, garbage collection will not work, need to write their own scripts

2. The session will determine if there is currently $_cookie[session_name ()];session_name () to return the COOKIE key value that holds the session_id.
This value can be found from php.ini

Session.name = PHPSESSID//default value PHPSESSID

3. If it does not exist, it generates a session_id and then passes the generated session_id as the value of the cookie to the client.
is equivalent to performing the following cookie operation, note that this step performs a setcookie () operation, the cookie is sent in the header,
There is no output before this, PHP has another function session_regenerate_id () If you use this function, you cannot have output before.

Setcookie (Session_name (),
session_id (),
session.cookie_lifetime,//Default 0
session.cookie_path,//default '/' current program and directory are valid
session.cookie_domain,//default is empty
)

4. If there is so session_id = $_cookie[session_name];
Then go to session.save_path the designated folder to find the name ' Sess_ '. session_id () file.
The contents of the read file are deserialized and then placed in the $_session
* 2. Assigning Values to $_session
For example, add a new value $_session[' test ' = ' blah '; Then this $_session will only be maintained in memory, when the script execution is finished,
Write the value of the $_session to the folder specified in session_id, and then close the related resource. At this stage it is possible to perform changes to the session_id operation,
such as destroying an old session_id, creating a new session_id. Half used in custom session operations, role conversions,
For example, Drupal.drupal's anonymous user has a session, and when it logs in, it needs to be replaced with a new session_id

if (Isset ($_cookie[session_name ())) {
Setcookie (Session_name (), ", Time ()-42000, '/');//old session cookie expired
}
SESSION_REGENERATE_ID ();//This step will generate a new session_id
SESSION_ID () returns a new value

3. Write Session operation
At the end of the script will perform session write operation, the value of $_session to write to the session_id named file, may already exist,
You may need to create a new file.
* 4. Destroy session
The cookie that is sent by the session is usually an instant cookie that is stored in memory and expires when the browser is closed, and if it is forced to expire manually,
For example, to log out instead of closing the browser, you need to destroy the session in the code, there are many ways
o 1. Setcookie (Session_name (), session_id (), Time ()-8000000,..); /Log out before execution
o 2. Usset ($_session);//This will delete all $_session data, after the refresh, there is a cookie passed, but no data.
o 3. Session_destroy ();//This function is more thorough, delete $_session delete SESSION file, and session_id

When the browser is not closed, refresh again, 2 and 3 will have a cookie to pass, but no data found

2.session.save_handler = user

User-defined session processing mechanism, more intuitive
* Session_set_save_handler (' open ', ' close ', ' read ', ' write ', ' destroy ', ' GC ');
1.session_start (),
Execute open ($save _path, $session _name) Opening session action handle
$save _path in the case of Session.save_handler = files, it is Session.save_path,
However, if the user is self-determined, this two parameters are not used, directly return True

Reads the data from the read ($id).//This parameter is automatically passed session_id (), which can be manipulated by this value.
* 2. End of script execution
Execute write ($id, $sess _data)//two parameters, very simple
* 3. If the user needs Session_destroy ()
Execute the destroy first. In the 2nd step of execution

A practical example:

The code is as follows

Copy Code

Called when session is initialized function open ($save _path, $session _name) { Global $sess _save_path; $sess _save_path = $save _path; return (true); } Called when it is closed function Close () { return (true); } function Read ($id) { Global $sess _save_path; $sess _file = "$sess _save_path/sess_$id"; Return (String) @file_get_contents ($sess _file); } Write operation is performed before script execution finishes function Write ($id, $sess _data) { echo "SDFSF"; Global $sess _save_path; $sess _file = "$sess _save_path/sess_$id"; if ($fp = @fopen ($sess _file, "W")) { $return = fwrite ($fp, $sess _data); Fclose ($FP); return $return; } else { return (false); } } function Destroy ($ID) { Global $sess _save_path; $sess _file = "$sess _save_path/sess_$id"; Return (@unlink ($sess _file)); } Function GC ($MAXLIFETIME) { Global $sess _save_path; foreach (Glob ("$sess _save_path/sess_*") as $filename) { if (Filemtime ($filename) + $maxlifetime < time ()) { @unlink ($filename); } } return true; }

Cases

PHP Session before you store user information in a PHP session, you must first start the conversation.

Note: the Session_Start () function must precede the label:

The code is as follows	Copy Code
PHP session_start ();?>

The code above registers the user's session with the server so that you can start saving user information and assign a UID to the user session.
Store Session variables
The correct way to store and retrieve session variables is to use the PHP $_session variable:

The code is as follows	Copy Code
Session_Start (); Store session Data $_session[' views ']=1; ?> Retrieve session data echo "pageviews=". $_session[' views '; ?>

Output:

Pageviews=1

http://www.bkjia.com/PHPjc/632652.html www.bkjia.com true http://www.bkjia.com/PHPjc/632652.html techarticle in PHP, the session is a server global variables can be implemented between the page passed, so the session is often used for server-side user login verification, session security is very high, ...

