Session is a conversational technology that is based on cookies and is more secure than cookies.
1.session principle
, the session will send a session ID to the client, and at the same time set up a session data area on the server, the client submits the session ID at the request, and the server finds it in the session data area through the session ID. The client only has a session ID, it has a certain timeliness, the important information is still stored on the server, so the session will be more secure.
2. Operation of the session
session_set.php
Take a look at the file where the session holds the data:
The contents of the session data area are saved by the serialized string, then deserialized when read, and the session supports a variety of data type storage, while the cookie only supports string.
Client cookie property settings in 3.seesion
The session is cookie-based and must have a session ID cookie stored on the client, and the server can set the cookie's properties to tell the browser how to generate the cookie:
Note: The session_set_cookie_params must be set before Session_Start ().
4.session Data area garbage collection settings
Data in session data area with the user's access to the server will generate more and more garbage data, so there must be garbage scanning and garbage cleanup. Of course, the server can not always go to scan which data is out of date, so the server loss is very large, so it must be a certain probability to trigger, to determine that the garbage will be cleaned out.
The following two parameters are set to trigger the probability of a garbage scan
ini_set (' session.gc_probability ', ' 1 ');
ini_set (' Session.gc_divisor ', ' 3 ');
Set how long it takes to be garbage and can be recycled
Ini_set (' Session.gc_maxlifetime ', ' 10 ');
5. How to disable cookies using the session
Show.html
Insert Title here Forbidden Cookies
session_get_no_cookie.php
!--? php//defines the storage path for the session data file, and the default is C:\Windows\tempsession_save_path (GETCWD () under Windows. Directory_separator. ' Temp '), if (Isset ($_get[' Phpsessid ')) {session_id ($_get[' PHPSESSID ']);} else if (isset ($_post[' Phpsessid ')) {session_id ($_post[' PHPSESSID ']);} Echo session_id (). "; Session_Start (); Var_dump ($_session);
6.session How to persist Normally, the session does not advocate persistence.
If you want to persist, set the following:
session_set_cookie_params (Php_int_max); Ini_set (' Session.gc_maxlifetime ', PHP_INT_MAX); Attention must be set before Session_Start!!
7.session and cookie differences and contact Contact:
session is stored in a cookie based on Cookie,session-id, and the cookie data resides on the client browser, Session key data is placed on the server.
Difference: