Home > Backend Development > PHP Tutorial > Detailed explanation of PHP session storage method_PHP tutorial

Detailed explanation of PHP session storage method_PHP tutorial

WBOY
Release: 2016-07-20 11:17:55
Original
976 people have browsed it

First confirm whether the session is automatically opened or whether it needs to be opened manually through session_start():

; Specifies whether the session module automatically starts a session when the request starts. Default is 0 (do not start)

; Initialize session on request startup.

; http://php.net/session.auto-start

session.auto_start = 0

On the client side, sessions can be stored in cookies or retrieved via URL parameters. Dependent on server configuration:

; Specifies whether to use a cookie on the client to store the session ID. Default is 1 (enabled)

 ; Whether to use cookies.

; http://php.net/session.use-cookies

session.use_cookies = 1

; Specifies whether to only use cookies to store session IDs on the client side. . Enabling this setting prevents attacks involving session IDs being passed through URLs.

; This option forces PHP to fetch and use a cookie for storing and maintaining

; the session id. We encourage this operation as it's very helpful in combatting

; session hijacking when not specifying and managing your own session id. It is

; not the end all be all of session hijacking defense, but it's a good start.

; http://php.net/session.use-only-cookies

session.use_only_cookies = 1

If it is confirmed that it is stored in the cookie, you can further configure the configuration of the session stored in the cookie, such as cookie_name, cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly

; Name of the session (used as cookie name).

; http://php.net/session.name

session.name = PHPSESSID

; Lifetime in seconds of cookie or, if 0, until browser is restarted.

; http://php.net/session.cookie-lifetime

session.cookie_lifetime = 0

; The path for which the cookie is valid.

; http://php.net/session.cookie-path

session.cookie_path = /

; The domain for which the cookie is valid.

; http://php.net/session.cookie-domain

session.cookie_domain =

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages ​​such as JavaScript.

; http://php.net/session.cookie-httponly

session.cookie_httponly =

On the server side, sessions can also be stored in a variety of ways. The default session is stored in a file, and session.save_path is the path to create the storage file.

; Handler used to store/retrieve data.

; http://php.net/session.save-handler

session.save_handler = files

; Argument passed to save_handler. In the case of files, this is the path

; where data files are stored. Note: Windows users have to change this

; variable in order to use PHP

 's session functions.

;

; The path can be defined as:

;

; session.save_path = "N;/path"

;

; where N is an integer. Instead of storing all the session files in

; /path, what this will do is use subdirectories N-levels deep, and

; store the session data in those directories. This is useful if you

; or your OS have problems with lots of files in one directory, and is

; a more efficient layout for servers that handle lots of sessions.

;

; NOTE 1: PHP will not create this directory structure automatically.

; You can use the script in the ext/session dir for that purpose.

; NOTE 2: See the section on garbage collection below if you choose to

; use subdirectories for session storage

;

; The file storage module creates files using mode 600 by default.

; You can change that by using

;

; session.save_path = "N;MODE;/path"

;

; where MODE is the octal representation of the mode. Note that this

; does not overwrite the process's umask.

; http://php.net/session.save-path

;session.save_path = "/tmp"

PHP supports session_set_save_handler to implement custom open, close, read, write, destroy, gc processing functions of the session processor. Common session processors include the use of memory allocation (such as mm, memcache, etc.), which can also be used Database for storage. It can be seen that if the session storage needs to work together with the file system (such as using the database PostgreSQL Session Save Handler or the default file storage files), it may cause the user-customized session processor to lose the session that does not store data. If you use memory allocation storage, you need to consider the issue of session persistent storage.

Next, we will focus on the memcache(d?) session processor.

The Memcache module provides convenient process-oriented and object-oriented interfaces to memcached. Memcached is a resident process cache product produced to reduce the load of data from the database by dynamic web applications.

The Memcache module also provides a session processor (memcache).

For more information about memcached, please see » http://www.memcached.org/.

Memcached is a high-performance distributed memory object caching system, which is usually used to reduce database loading pressure to improve the response speed of dynamic web applications.

This extension uses the API provided by the libmemcached library to interact with the memcached server. It also provides a session handler (memcached). It also provides a session processor (memcached).

More information about libmemcached can be viewed at » http://libmemcached.org/libMemcached.html.

memcache session processor configuration:

session.save_handler = memcache

 session.save_path = "tcp://127.0.0.1:11211?persistent=0&weight=1&timeout=1&retry_interval=15,tcp://127.0.0.1:11212?persistent=0&weight=1&timeout=1&retry_interval=15,tcp: //127.0.0.1:11213?persistent=0&weight=1&timeout=1&retry_interval=15,tcp://127.0.0.1:11214?persistent=0&weight=1&timeout=1&retry_interval=15"

The database handler can be implemented using Session PgSQL (this extension is considered unmaintained). You can also use other databases to implement session storage, but you need to customize the handler function function.session-set-save-handler.php. For specific custom processors, see maria at junkies dot jp.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/371875.htmlTechArticleFirst confirm whether the session is automatically opened or needs to be opened manually through session_start(): ; Specify whether the session module is requested to start Automatically start a session. Default is 0 (do not start) ;...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template