PHP session tracking Two (42)

Session

What is a session?
?? The session begins with the user access page, to the point where the connection to the site is disconnected, forming the life cycle of a conversation. During a session, the client is assigned a unique SessionID that identifies the current user and distinguishes it from other users.
?? Session, SessionID will be stored on both the client and server side two locations, for the client to use a temporary cookie to save (cookie name is called PHPSESSID) or through a URL string passed, The server side is also saved as a text file in the specified session directory.
?? The session receives each access request through the ID, thus identifying the current user, tracking and maintaining the user's specific data, and session variables (which can be stored in the session during the session for digital or textual data), such as session_name, etc. These variable information is stored on the server side.
?? SessionID can be saved as session information in the database, and the session can be persisted, so as to track each user's login times, online or not, online time, etc.

The difference between the use of cookies and the session in PHP:

Both cookies and sessions can temporarily hold variables that are used on multiple pages, but they are fundamentally different.
?? Cookies are stored in the client browser,
?? Session is saved on the server.
?? The link between them is that the session ID is usually stored in a cookie or placed on a URL.
?? How to Disable Cookies: (click "Tools"-"Internet Options" in IE, click "Security"-"Custom Level" in the pop-up dialog to set "Allow each conversation cookie" to disabled)

Implementing a simple session

The basic steps for using a session are as follows:
?? Start a session
?? Registering Session Variables
?? Using Session Variables
?? Unregister variables and destroy sessions

1 Starting a session

Session_Start (): Starts a session or returns a session that already exists.
Description: This function has no parameters and the return value is true. If you use a cookie-based session, the browser cannot have any output before using session_start (), otherwise the following error will occur:
Warning:cannot Send session Cache Limiter-headers already sent (output started AT/USR/LOCAL/APACHE/HTDOCS/CGA/MEMBER/1. Php:2) .......

2 Registering a Session variable

PHP5 use $_session[' xxx ']=xxx register SESSION Global Change
Amount It is similar to the Get,post,cookie method.
?? Note: Session_register (), Session_unregister (), session_is_registered () are no longer used under PHP5 unless PHP.ini is set to on in Register_globle, However, for security reasons, it is highly recommended to close register_globle. Http_session_vars also do not advocate the use of, the official proposed to replace it with $_session.

3 Using Session Variables

To make a session variable available in a range, you must first start a session with the Session_Start () function. This allows access to the variable through the $_session Super Global array.
such as: Echo $_session[' MyVar '];
?? Before use, determine if the variable is a registered session variable.
if (Isset ($_session[' MyVar '))

4 page1.php

?   You must call this function before using the session.  // Register a SESSION variable $_session[' passwd '="Mynameislikui"; $_session[' time ')= Time (); Echo ' 
    
     />
     "page2.php" > pass through a cookie session<// If the client supports cookies, You can pass the session to the next page through the link . Echo ' 
       
        />
       
      Pass the URL session</a> '; // when a client does not support cookies, use this method to pass session.? >
    

session_id

SESSION_ID () is used to set or get the current session_id. In PHP5
You can either use session_id () or the SID appended to the URL
Gets the session_id and session_name of the current session.
?? If session_id () has a specified value, the current SessionID value will be replaced.
When a cookie is not disabled, if a session_id () value is specified, a cookie value will be sent to the client each time the Session_Start () is started. Regardless of whether the current SessionID is equal to the specified value.
?? If session_id () does not specify a value, the current SessionID is returned, and an empty string is returned if the current session is not started.
?? The function must be used before starting the session: Session_Start ();

View current SessionID<? Phpsession_start (); echo "The current session ID is:". session_id ();? >?? Set SessionID<? phpsession_id ("ABC2008"); // must be before session_start () session_start (); Echo "Modified session ID:". session_id ();? >

Change the session_id without affecting the information

?? SESSION_REGENERATE_ID () returns True if the change succeeds, and false if it fails.
?? Use this function to allow the current session to replace the SessionID, but do not change the current session of the other information.

? Phpsession_start (); $old _sessionid= session_id (); session_regenerate_id (); $new _sessionid=  "Original SessionID: $old _sessionid 
" "New SessionID: $new _ SessionID 
 "; echo" 
 ";p Rint_r ($_session); echo "
";? >

Session_name

Session_name () returns the name of the current session or changes the name of the current session.
?? If you want to change the name of the current session, you must be in Session_Start ()
Before calling the function. Note: Session_name cannot be set only by numbers
, it contains at least one letter. Otherwise it will generate a
The new session ID.
Example of Session renaming:

? php$previous_name= Session_name ("websiteid""  The new session name is: $previous _name 
 ";? >

Session cross-page delivery problem

There are three things to consider in session cross-page delivery:
?? The client has disabled cookies.
?? There is a problem with the browser, temporarily unable to access cookies
?? PHP.ini in the session.use_trans_sid= 0 or
--ENABLE-TRANS-SID option is not turned on at compile time

Three ways to solve the problem of Session cross-page delivery

1, set session.use_trans_sid= in php.ini 1 or open the--ENABLE-TRANS-SID option at compile time, let PHP automatically pass the session ID across pages.
?? 2, manually pass the URL value, hide the form passed session ID.
?? 3, file, database and other forms to save session_id, in the cross-
Called manually during the page process.

1 Resolving session delivery issues

page1.php?? ? Phpsession_start (); $_session[' var1 ']="People's Republic of China"; $url= "a> "; echo $url;? >

?? Page2.php?? ? Phpsession_start (); echo "passes the value of the SESSION variable var1:". $_session[' var1 ');? > >?? Now you manually shut down the client's cookie and run it without results.

2 First approach

Set session.use_trans_sid= 1 in php.ini
?? Open--enable-trans-sid option on compile-time "
?? Note: Linux is applicable, Windows does not apply

PHP session tracking Two (42)