How to create Session in Php
This article mainly introduces how to create Session in Php. Interested friends can refer to it. I hope it will be helpful to everyone.
Related topic recommendations: php session (including pictures, videos, and practical cases)
Start the session session and create a $admin variable :
// 启动 session session_start(); // 声明一个名为 admin 的变量,并赋空值。 $_session["admin"] = null; ?>
If you use Session, or the PHP file wants to call the Session variable, you must start it before calling the Session, using the session_start() function. You don’t need to set anything else, PHP automatically creates the session file.
After executing this program, we can find the session file in the system temporary folder. Generally, the file name is in the form: sess_4c83638b3b0dbf65583181c2f89168ec, followed by a 32-bit encoded random string. Open it with an editor and take a look at its contents:
admin|N;
General content structure:
Variable name | Type: length: value;
And separate each variable with a semicolon. Some can be omitted, such as length and type.
Let's take a look at the verification program. Assume that the database stores the user name and md5 encrypted password:
// 表单提交后...
$posts = $_POST;
// 清除一些空白符号
foreach ($posts as $key => $value)
{
$posts[$key] = trim($value);
}
$password = md5($posts["password"]);
$username = $posts["username"];
$query = "SELECT `username` FROM `user` WHERE `password` = '$password'";
// 取得查询结果
$userInfo = $DB->getRow($query);
if (!emptyempty($userInfo))
{
if ($userInfo["username"] == $username)
{
// 当验证通过后,启动 session
session_start();
// 注册登陆成功的 admin 变量,并赋值 true
$_SESSION["admin"] = true;
}
else
{
die("用户名密码错误");
}
}
else
{
die("用户名密码错误");
}We start the session on the page that requires user verification to determine whether to log in:
// 防止全局变量造成安全隐患
$admin = false;
// 启动会话,这步必不可少
session_start();
// 判断是否登陆
if (isset($_SESSION["admin"]) && $_SESSION["admin"] == true)
{
echo "您已经成功登陆";
}
else
{
// 验证失败,将 $_session["admin"] 置为 false
$_SESSION["admin"] = false;
die("您无权访问");
}
?>Isn’t it very simple? Just think of $_session as an array stored on the server side. Each variable we register is the key of the array, which is no different from using an array.
What should I do if I want to log out of the system? Just destroy the session.
<?php session_start(); // 这种方法是将原来注册的某个变量销毁 unset($_SESSION["admin"]); // 这种方法是销毁整个 session 文件 session_destroy(); ?>
Can Session set the life cycle like Cookie? With Session, will Cookie be abandoned completely? I would say that it is most convenient to use Session in conjunction with Cookie.
How does Session determine the client user? It is determined by Session ID. What is Session ID is the file name of the Session file. Session ID is randomly generated, so it can be guaranteed to be unique. sex and randomness to ensure the security of Session. Generally, if the Session life cycle is not set, the Session ID is stored in the memory. After closing the browser, the ID is automatically logged out. After re-requesting the page, a new session ID is registered.
If the client does not disable cookies, the cookie plays the role of storing the Session ID and session lifetime when starting the Session session. Let's manually set the lifetime of the session:
session_start(); // 保存一天 $lifeTime = 24 * 3600; setcookie(session_name(), session_id(), time() + $lifeTime, "/"); ?>
In fact, Session also provides a function session_set_cookie_params(); to set the lifetime of the Session. This function must be called before the session_start() function is called:
// 保存一天 <?php $lifeTime = 24 * 3600; session_set_cookie_params($lifeTime); session_start(); $_session["admin"] = true; ?>
If the client uses IE 6.0, the session_set_cookie_params(); function will have some problems setting cookies, so we still call the setcookie function manually to create cookies.
What if the client disables cookies? There is no way, the entire life cycle is the browser process. As long as you close the browser and request the page again, you have to re-register the Session. So how to pass the Session ID? Pass it through the URL or through a hidden form. PHP will automatically send the session ID to the URL. The URL is in the form: http://www.openphp .cn /index.php?PHPSESSID=bba5b2a240a77e5b44cfa01d49cf9669, where The parameter PHPSESSID in the URL is the Session ID. We can use $_GET to obtain the value, thereby transferring the session ID between pages.
// 保存一天 <?php $lifeTime = 24 * 3600; // 取得当前 session 名,默认为 PHPSESSID $sessionName = session_name(); // 取得 session ID $sessionID = $_GET[$sessionName]; // 使用 session_id() 设置获得的 session ID session_id($sessionID); session_set_cookie_params($lifeTime); session_start(); $_session["admin"] = true; ?>
For virtual hosts, if all users’ Sessions are saved in the system temporary folder, it will cause difficulty in maintenance and reduce security. We can manually set the saving path of the Session file, session_save_path () provides such a function. We can point the session storage directory to a folder that cannot be accessed through the Web. Of course, the folder must have read-write attributes.
<?php // 设置一个存放目录 $savePath = "./session_save_dir/"; // 保存一天 $lifeTime = 24 * 3600; session_save_path($savePath); session_set_cookie_params($lifeTime); session_start(); $_session["admin"] = true; ?>
Same as the session_set_cookie_params(); function, the session_save_path() function must also be called before the session_start() function is called. We can also store arrays and objects in session. There is no difference between operating an array and operating a general variable. When saving an object, PHP will automatically serialize the object (also called serialization) and then save it in the session. The following example illustrates this point:
<?php
class person
{
var $age;
function output()
{
echo $this->age;
}
function setAge($age) {
$this->age = $age;
}
}
?>
setage.PHP
<?php
session_start();
require_once "person.PHP";
$person = new person();
$person->setAge(21);
$_session['person'] = $person;
echo "check here to output age";
?>
output.PHP
<?php
// 设置回调函数,确保重新构建对象。
ini_set('unserialize_callback_func', 'mycallback');
function mycallback($classname) {
$classname . ".PHP";
}
session_start();
$person = $_session["person"];
// 输出 21
$person->output();
?>Summary: The above is the entire content of this article, I hope it will be helpful to everyone's learning.
Related recommendations:
PHP method to obtain remote image size and size
php double-layer loop implementation Ninety-Nine Multiplication Table
php calls the express bird interface
The above is the detailed content of How to create Session in Php. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1664
14
1423
52
1317
25
1268
29
1246
24
PHP and Python: Comparing Two Popular Programming Languages
Apr 14, 2025 am 12:13 AM
PHP and Python each have their own advantages, and choose according to project requirements. 1.PHP is suitable for web development, especially for rapid development and maintenance of websites. 2. Python is suitable for data science, machine learning and artificial intelligence, with concise syntax and suitable for beginners.
PHP in Action: Real-World Examples and Applications
Apr 14, 2025 am 12:19 AM
PHP is widely used in e-commerce, content management systems and API development. 1) E-commerce: used for shopping cart function and payment processing. 2) Content management system: used for dynamic content generation and user management. 3) API development: used for RESTful API development and API security. Through performance optimization and best practices, the efficiency and maintainability of PHP applications are improved.
Explain secure password hashing in PHP (e.g., password_hash, password_verify). Why not use MD5 or SHA1?
Apr 17, 2025 am 12:06 AM
In PHP, password_hash and password_verify functions should be used to implement secure password hashing, and MD5 or SHA1 should not be used. 1) password_hash generates a hash containing salt values to enhance security. 2) Password_verify verify password and ensure security by comparing hash values. 3) MD5 and SHA1 are vulnerable and lack salt values, and are not suitable for modern password security.
PHP: A Key Language for Web Development
Apr 13, 2025 am 12:08 AM
PHP is a scripting language widely used on the server side, especially suitable for web development. 1.PHP can embed HTML, process HTTP requests and responses, and supports a variety of databases. 2.PHP is used to generate dynamic web content, process form data, access databases, etc., with strong community support and open source resources. 3. PHP is an interpreted language, and the execution process includes lexical analysis, grammatical analysis, compilation and execution. 4.PHP can be combined with MySQL for advanced applications such as user registration systems. 5. When debugging PHP, you can use functions such as error_reporting() and var_dump(). 6. Optimize PHP code to use caching mechanisms, optimize database queries and use built-in functions. 7
How does PHP handle file uploads securely?
Apr 10, 2025 am 09:37 AM
PHP handles file uploads through the $\_FILES variable. The methods to ensure security include: 1. Check upload errors, 2. Verify file type and size, 3. Prevent file overwriting, 4. Move files to a permanent storage location.
How does PHP type hinting work, including scalar types, return types, union types, and nullable types?
Apr 17, 2025 am 12:25 AM
PHP type prompts to improve code quality and readability. 1) Scalar type tips: Since PHP7.0, basic data types are allowed to be specified in function parameters, such as int, float, etc. 2) Return type prompt: Ensure the consistency of the function return value type. 3) Union type prompt: Since PHP8.0, multiple types are allowed to be specified in function parameters or return values. 4) Nullable type prompt: Allows to include null values and handle functions that may return null values.
The Enduring Relevance of PHP: Is It Still Alive?
Apr 14, 2025 am 12:12 AM
PHP is still dynamic and still occupies an important position in the field of modern programming. 1) PHP's simplicity and powerful community support make it widely used in web development; 2) Its flexibility and stability make it outstanding in handling web forms, database operations and file processing; 3) PHP is constantly evolving and optimizing, suitable for beginners and experienced developers.
PHP vs. Python: Understanding the Differences
Apr 11, 2025 am 12:15 AM
PHP and Python each have their own advantages, and the choice should be based on project requirements. 1.PHP is suitable for web development, with simple syntax and high execution efficiency. 2. Python is suitable for data science and machine learning, with concise syntax and rich libraries.
