Brief description of Session principle_PHP tutorial
The significance of Session is probably understood by everyone who is engaged in web development. It is just to solve the problems caused by HTTP being a stateless protocol, so I won’t go into details. The main thing I want to talk about here is how the server and the client interact using sessions.
General process of Session work
Look at the flow chart below:
When a user visits the site for the first time, PHP will use the session_start() function to create a session ID for the user. This is the unique identification for the user. Each visiting user will get a unique session ID. This session ID will be stored in the cookie in the response header and then sent to the client. This way the client will have a session ID given to him by the site.
When the user visits the site for the second time, the browser will send the locally stored cookie (which contains the session ID obtained last time) to the server along with the request. After receiving the request, the server will detect whether If there is a session ID, the corresponding session file will be found and the information in it will be read; if not, a new one will be created just like the first time.
Usually the exit function of the site is actually to call the session_destroy() function (it may be more complicated), delete the user's session file, and then clear the user's cookies. In this way, there is no contact between the client and the server.
The red box in the picture is a complete HTTP request. Because HTTP is stateless, after a request is completed, the client and the server no longer have any relationship, and no one knows each other. However, due to some needs (such as maintaining login status, etc.), the server and the client must be kept in contact, and the session ID becomes the medium for this contact.
Client work
Through the above analysis, we can know that session actually relies on cookies. When a user visits a certain site, the browser will automatically search for available cookies based on the site the user visits. If there are available cookies, they will be sent with the request. Sent to the server. Each time a response from the server is received, the local cookie information is updated.
Of course, you can also use GET to pass the session ID, but GET is not recommended because it is unsafe.
Server-side work
As you can see from the flow chart above, the server actually stores some of the data generated in the session file. The name of the file is "sess" plus the session ID, and the storage location of these files. It is the session.savepath value found by phpinfo().
We can clearly see from the above picture that the server and client save the same session ID information, which is the key to keeping the two in contact.
The negative impact of Session
There are advantages and disadvantages. The main problem brought by sessions is the impact on performance. You can imagine that for a web site with tens of millions of users, if each user saves the session file, then every time the user accesses Just searching for the corresponding session file will consume a lot of system resources. So at this time it is necessary to make some custom settings for session storage, such as sub-directories or hashes, etc. In addition to saving to the session file, you can also abandon the session function that comes with PHP, implement the session yourself, and store the session information in the database. In this way, it is best to set up the cache of the database, otherwise tens of millions of data will be processed too much. Frequent retrieval is also quite resource consuming.
Clear Session
This connection between the client and the server must be time-limited, so the session needs to be cleared regularly. This issue needs to be considered in two aspects. One is to clear the server-side session file, and the other is to clear the client's cookie information, because both of them save half of the information.
The PHP GC process can scan the session storage directory to clear session files, but this process is particularly resource-consuming, so PHP defaults to a 1% chance to clean up an expired session when a session is started, so it does not mean that a user When a session expires, its corresponding session file will be cleared immediately, and there is a 99% chance that it will not be cleared. This requires us programmers to do it ourselves. You can store an expiration time in the session information, and the value is the time of the user's last visit. When a user visits, the current time is subtracted from the last access time to see if it times out. If it times out, the corresponding session file is deleted, and the Expires attribute of the cookie is set to a negative value so that the cookie information on the client side also expires. In this way, the browser It will be deleted automatically.
PHP related Session common functions
- session_start(): Start the session, there is nothing to say about this. Open the session file based on the session ID. If there is no session ID, create an ID and corresponding session file
- $SESSION[] array: a global array that stores user information. In addition to storing the data in $SESSION, the session file will actually store other Information, such as id, etc.
- sessionunset(): Clear the $SESSION array. It clears the values in the array, while the $SESSION variable is still exists, and unset($SESSION) is a completely different concept
- sessioncommit(): Submit session data and end the session, write $SESSION data to the file and end the session. In fact, when a page is executed After finishing, php will automatically perform the same operation as this function. So this function is rarely used
- session_destroy(): Log out of the session. This means closing the session and deleting the corresponding session file. Cut off the connection between client and server.

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

Notepad++7.3.1
Easy-to-use and free code editor

SublimeText3 Chinese version
Chinese version, very easy to use

Zend Studio 13.0.1
Powerful PHP integrated development environment

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Hot Topics

The combination of Vue.js and ASP.NET provides tips and suggestions for performance optimization and expansion of web applications. With the rapid development of web applications, performance optimization has become an indispensable and important task for developers. As a popular front-end framework, Vue.js combined with ASP.NET can help us achieve better performance optimization and expansion. This article will introduce some tips and suggestions, and provide some code examples. 1. Reduce HTTP requests The number of HTTP requests directly affects the loading speed of web applications. pass

How to correctly use and optimize the MySQL connection pool in ASP.NET programs? Introduction: MySQL is a widely used database management system that features high performance, reliability, and ease of use. In ASP.NET development, using MySQL database for data storage is a common requirement. In order to improve the efficiency and performance of database connections, we need to correctly use and optimize the MySQL connection pool. This article will introduce how to correctly use and optimize the MySQL connection pool in ASP.NET programs.

Translator | Reviewed by Chen Jun | Chonglou In the 1990s, when people mentioned software programming, it usually meant choosing an editor, checking the code into the CVS or SVN code base, and then compiling the code into an executable file. Corresponding integrated development environments (IDEs) such as Eclipse and Visual Studio can integrate programming, development, documentation, construction, testing, deployment and other steps into a complete software development life cycle (SDLC), thus improving the work of developers. efficiency. In recent years, popular cloud computing and DevSecOps automation tools have improved developers' comprehensive capabilities, making it easier for more enterprises to develop, deploy and maintain software applications. Today, generative AI is the next generation development

How to reconnect to MySQL in ASP.NET program? In ASP.NET development, it is very common to use the MySQL database. However, due to network or database server reasons, the database connection may sometimes be interrupted or time out. In this case, in order to ensure the stability and reliability of the program, we need to re-establish the connection after the connection is disconnected. This article will introduce how to reconnect MySQL connections in ASP.NET programs. To reference the necessary namespaces first, reference them at the head of the code file

The combination of Vue.js and ASP.NET enables the development and deployment of enterprise-level applications. In today's rapidly developing Internet technology field, the development and deployment of enterprise-level applications has become more and more important. Vue.js and ASP.NET are two technologies widely used in front-end and back-end development. Combining them can bring many advantages to the development and deployment of enterprise-level applications. This article will introduce how to use Vue.js and ASP.NET to develop and deploy enterprise-level applications through code examples. First, we need to install

How to correctly configure and use MySQL connection pool in ASP.NET program? With the development of the Internet and the increase in data volume, the demand for database access and connections is also increasing. In order to improve the performance and stability of the database, connection pooling has become an essential technology. This article mainly introduces how to correctly configure and use the MySQL connection pool in ASP.NET programs to improve the efficiency and response speed of the database. 1. The concept and function of connection pooling. Connection pooling is a technology that reuses database connections. At the beginning of the program,

Overview of the recommended configuration for using Visual Studio for ASP.NET development on Linux: With the development of open source software and the popularity of the Linux operating system, more and more developers are beginning to develop ASP.NET on Linux. As a powerful development tool, Visual Studio has always occupied a dominant position on the Windows platform. This article will introduce how to configure VisualStudio for ASP.NE on Linux

The built-in objects in ASP.NET include "Request", "Response", "Session", "Server", "Application", "HttpContext", "Cache", "Trace", "Cookie" and "Server.MapPath": 1. Request, indicating the HTTP request issued by the client; 2. Response: indicating the HTTP response returned by the web server to the client, etc.
