In-depth analysis of whether Session must rely on Cookie_PHP tutorial

The session in php can use the client's cookie by default (to distinguish it from cookies in the ordinary sense, I call it session cookie, and cookies in the ordinary sense are cookies) to save the session id, but in php Can the session only use session cookies?

Of course not, otherwise why bother to create a session? Why not just use cookies directly. One of the great advantages of session is that when the client's cookie is disabled, the session id will be automatically attached to the URL, so that the session id can be used Can remember session variables.

I will write two files below to confirm. First, disable cookies in the browser.

Copy the code The code is as follows :

//The file name is test1.php
session_start();
session_register("url");
$url="test2. php";
echo "goto test2.php";
?>

Copy code The code is as follows:

session_start();
if (session_is_registered("url")) {
echo "congratulations.";
$url="test1.php";
echo "goto test1.php";
} else
echo "failed.";
?>

Now Enter "http://localhost/test1.php" in the browser, move the mouse over the link and look at the address on the status bar. It is not simply "http://localhost/test2.php", but this Format: "http://localhost/test2.php?phpsessid=6e3610749f7ded3784bc4a4dd10f879b".

You can also view the html source file, which is in this form:
goto test2.php
So this is entirely due to PHP and has nothing to do with the browser, which means that the session is valid no matter what browser you use, not only for IE as some people think.

However, our hyperlink statement is output by the echo statement. What will happen if the hyperlink is not included in the PHP tag ? Let’s write an example to verify it, put test1. php slightly modified:

Copy code The code is as follows:

session_start();
session_register("url");
$url="test2.php";
echo "goto test2.php";?>
< ;a href="test2.php">(html form)goto test2.php

Enter "http://localhost/test1.php" in the browser, move the mouse to the two links respectively to see if there is any difference? You can see that the two links are exactly the same, and the following will automatically Comes with session id. So you don’t have to worry about links not included in php tags being invalid, php won’t be so stupid.

But when using it, please note that you must first use the session_start() function to tell PHP to start using the session, even if you only have html code in this file, such as:




gogogo
…………

I remember someone said that this advantage can only be exerted under linux/unix, but I use win2000p+apache1.3.17+php4.0.4pl1, php is the apache module mode, but it still works. On the contrary, I switched When I went to Linux for testing, it didn't work. In fact, an option during compilation --enable-trans-sid controls whether this function is useful. When compiling according to PHP default, this function is not turned on. Just Just add it when recompiling. My configuration is apache1.3.17+php4.0.4pl1, and php is in apache module mode. After recompiling on Linux, the test with netscape navigator4.7 can pass (this further proves that it has nothing to do with the browser) ).

Session alone cannot be used across windows. Even if you enable cookies, when you have a legal session id in a window (recorded in the session cookie, not in the URL), open a new window and enter the same window. When you open the page, you will have a new session id, which will not affect the previous window.

If you want to use the same session id across windows, you can only specify the session id after the url. That is to say, if you copy the url of the window with session id, in the newly opened window Paste it in and still use it. Knowing the principle of session id, it is not difficult to implement cross-window session. You can combine cookie with session. First get the current legal session id, and then record it in In the cookie, the current session id can be obtained by reading the cookie in other windows.

http://www.bkjia.com/PHPjc/328096.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/328096.htmlTechArticleThe session in php can use client cookies by default (to distinguish it from cookies in the ordinary sense, I It is called a session cookie (a cookie in the ordinary sense is a cookie) to save sessi...