The session and PHP have to say that something

A few days ago to go to the interview, cast is PHP development internship, big or a sophomore on self-study PHP, so calculated to also self-taught for two years, usually do a little project or other interests are also used PHP,CI framework is also very skilled, at least the source read a large part (originally to give a project hanging horse). So I think the level is not good at least get an internship. Results hehe, although not miserable is also quite unsatisfactory (in here do not want to spit groove pull hook net).

Words do not say, the session everyone use, novice general is session_start () and then began to assign value AH check ah and so on. An interviewer asked me, the difference between session and Cookie, this is very simple, understand the web base should be clear, a server side of a browser, and then the security of the server pressure, and so on, then he asked me the default time, this I really did not notice. Later talked about something else, in short, then was to be brushed off, inform me that I am not solid foundation.

Now in the internship of the company relatively free (I do not want to be idle, but not busy), I have a deep understanding of the PHP session mechanism, only to find that all the original is not as simple as we think ....

We all know that the existence of the session is meant to let the server know who the stateless HTTP requests are, session storage is generally through the cookie store a phpsessid in the browser, some may be attached to the URL, we do not consider.

So the first question comes:

How long is the session stored?

Session time can be set by session.gc_maxlifetime, default 1440 seconds, 24 minutes; But the Official handbook says:

Session.gc_maxlifetime Specifies the number of seconds after which the data is considered "junk" and cleared. Garbage collection may start when the session starts (depending on session.gc_probability and session.gc_divisor).

session.gc_probability and Session.gc_divisor together to manage the probability that the GC (garbage collection garbage collection) process starts. session.gc_probability Default is 1,session.gc_divisor defaults to 100; this probability is used Gc_probability/gc_divisor Calculated. For example, 1/100 means that there is a 1% probability of starting the GC process in each request.

Right, pit on this in, 24 minutes later also not necessarily will clean up, even if the GC starts up also only 1% of the probability is cleared; maybe you would like to adjust the probability to 100%, but I did not test 100% of the case the GC frequently start traversing various files will have a greater impact on speed. I could not help thinking of the interviewer's sly smile when he asked the question.

After that, you can see the following on the official website note:

Either by calling the function session_start () to open the session manually or by using the configuration item Session.auto_start to automatically open the session, for file-based session data saving (the default behavior of PHP), The session data file is locked at the beginning of the session until the PHP script executes or explicitly calls Session_write_close () to save the session data. during this time, other scripts do not have access to the same session data file.

Also say that for the same user at the same time I can only be the first session to operate, if my site a large number of Ajax such requests, then will certainly cause blocking. The following note is recommended on the website:

This can be a serious problem for a large number of sites that use Ajax or concurrent requests. The simplest way to solve this problem is if you modify the variables in the session, you should call Session_write_close () as soon as possible to save the session data and release the file lock. Another option is to replace the file session Save manager with a session save manager that supports concurrent operations.

But I call Session_write_close () is not a call to Session_Start (), is not very troublesome.

So, discard the built-in file session Save manager that comes with PHP.

What does it use to store and manage Session?

I am currently in the two development of the CMDB is used by MySQL, the trouble in the constant check time and then delete. Every logic behind to check again, very troublesome, my first thought is memcached, after all, set the time is good, it should be very convenient. Results see this article:

Why can't I store session with memcached

Then there is the following:

How to use Redis as a PHP Session handler

Also see: Bird brother how to set a strict 30-minute expiration session; either store it with a third-party storage, or set the expiration time of the session when the cookie expires, and add a timestamp for each visit.

Finally, I blog moved to my personal domain under the blog http://www.ebwill.com

The session and PHP have to say that something