Session.use_trans_sid PHP session Sesionid and cookies

Source: Internet
Author: User
Tags php session
Attached: Abstracts

============================================================
A friend who has used a session in PHP may encounter a problem where session variables cannot be passed across pages. It upset me for a few days, and I finally thought through the data and solved the problem. I think there are several reasons for this problem:
1, the client has disabled the cookie
2, browser problems, temporarily unable to access cookies
3, Session.use_trans_sid = 0 in php.ini, or--ENABLE-TRANS-SID option is not turned on at compile time

Why is that? Let me explain:

Session is stored on the server side (the session is stored by default), according to the session ID provided by the client to the user's file, get the value of the variable, session ID can use the client's cookie or Http1.1 protocol Query_ String (the "?" of the URL that is visited Later) to the server, and then the server reads the Session Directory .... That is, the session ID is the ID that gets the session variable stored on the service. When the Code session_start (), run, on the server generated a session file, followed by the only corresponding to a session ID, define the session variable to be stored in a certain form in the session file just generated. The session ID allows you to remove the defined variable. After the spread, in order to use the session, you must also execute session_start (); A session file will be generated, corresponding to the session ID, with this session The ID is not the variable in the first session file mentioned above, because the session ID is not the "key" to open it. If the Session_Start (), preceded by the code session_id ($session ID), will not generate a new session file, directly read the session file corresponding to this ID.

The session in PHP uses the client's cookie to save the session ID by default, so it will affect the session when there is a problem with the client's cookie. It is important to note that the session does not necessarily have to rely on cookies, which is a clever place for the session compared to cookies. When the client's cookie is disabled or there is a problem, PHP automatically attaches the session ID to the URL, so that the session ID can be used across the page to use the session variable. However, this attachment also has certain conditions, that is, "php.ini in Session.use_trans_sid = 1 or at compile time opens the--ENABLE-TRANS-SID option."

Friends who have used the forum know that when entering the forum, you will often be prompted to check whether the cookie is open, this is because most of the forum is based on cookies, forum use it to save user name, password and other user information, easy to use. And many friends think that cookies are unsafe (not really) and often disable them. In fact, in the PHP program, we can use the session instead of cookies, it can not depend on whether the client to open cookies.

So, we can put aside cookies using the session, that is, assuming the user closes the cookie in the case of the use of the session, there are several ways to achieve the following:

1. Set session.use_trans_sid = 1 in php.ini or open the--ENABLE-TRANS-SID option at compile time to have PHP automatically pass the session ID across pages.
2, manually pass the URL value, hide the form passed session ID.
3, file, database and other forms to save session_id, in the process of cross-page manual call.

Route 1 illustrates:

s1.php

Session_Start ();
$_session[' var1 ']= "People's Republic of China";
$url = "Next page";
echo $url;
?>

s2.php

Session_Start ();
echo "passes the value of the SESSION variable var1:". $_session[' var1 ');
?>

Running the above code, in case the client cookie is normal, should be able to get the result "People's Republic of China".
Now you manually shut down the client's cookie and run it, you may not get the result. If you don't get the results, then "set Session.use_trans_sid = 1 in php.ini" or "open--enable-trans-sid option at compile time" and get results "People's Republic of China"

Route 2 illustrates:

s1.php

Session_Start ();
$_session[' var1 ']= "People's Republic of China";
$SN = session_id ();
$url = "Next page";
echo $url;
?>

s2.php

session_id ($_get[' s ');
Session_Start ();
echo "passes the value of the SESSION variable var1:". $_session[' var1 ');
?>

The basics of how to hide a form are the same.

Route 3 illustrates:

Login.html




Login



Please login:


mylogin1.php

$name =$_post[' name '];
$pass =$_post[' pass ';
if (! $name | |! $pass) {
echo "User name or password is blank, please login again";
Die ();
}
if (! ( $name = = "Youngong" && $pass = = "123") {
echo "username or password is incorrect, please login again";
Die ();
}
Registered users
Ob_start ();
Session_Start ();
$_session[' user ']= $name;
$psid =session_id ();
$FP =fopen ("E:/tmp/phpsid.txt", "w+";
Fwrite ($fp, $psid);
Fclose ($FP);
Authentication successful, related operations
echo "Logged in
";
echo "Next page";

?>

mylogin2.php

$FP =fopen ("E:/tmp/phpsid.txt", "R";
$sid =fread ($FP, 1024);
Fclose ($FP);
session_id ($SID);
Session_Start ();
if (Isset ($_session[' user ') && $_session[' user ']= "Laogong" {

echo "Logged in!";
}
else {
Successful login for related operations
echo "Not logged in, not authorized to access";
echo "Please login and browse";
Die ();
}

?>

Also close cookie test, user name: Youngong Password: 123 This is the file to save the session ID, the file is: E:mpphpsid.txt, depending on your system to determine the file name or path.

As for the method of using the database, I will not give an example, similar to the method of the file.

Summing up, the above method has a common point, is to get the session ID on the previous page, and then try to pass to the next page, the next page of Session_Start (), code before the code session_id (pass the session ID);
====================================================================

also, my php.ini file is stored in two places 1.c:/php4/php.ini 2.c:/winnt/php.ini, and my program seems to only know C:/php4/php.ini, Winnt changes under php.ini does not work .!!!
It's best to change two files at the same time if it's not clear which php.ini works, but it's a hassle, but it solves the problem.

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.