The difference between SESSION and COOKIE:
A session saves information on the server. After receiving the unique SESSION_ID, the server looks up the relevant data based on this ID and then passes the information to the client (browser).
Cookie stores all information in a local file in the form of text, and is managed and maintained by the client (browser).
Because session data is stored on the server side, the remote client cannot modify it; cookies are stored locally on the client and are easy to obtain and tamper with. Therefore, Session security is higher.
SESSION Introduction:
Since PHP 5, session data is held in a global variable and can be accessed through $_SESSION[session_id]. When a page starts a session, a SESSION with a unique id is generated on the server. This SESSION remains valid until the end of its life cycle. When the web page is closed or the life cycle ends, the session is automatically logged out on the server.
Creating a session requires the following four steps:
a) Start the session.
There are two methods: bool session_start(); bool session_register(string name);
b) Register the session.
Once the session is started, all session variables are saved in the $_SESSION array. Creating a session variable is very simple: just add an element to the $_SESSION array.
c) Use session:
General operation: Determine whether the SESSION corresponding to session_id exists. If it does not exist, create one. If it exists, use $_SESSION[session_id].
d) Delete the session.
unset($_SESSION[session_id]); // Delete a single one.
unset($_SESSION); // Delete the entire session; the entire session function will be disabled and cannot be restored.
$_SESSION = array(); // Delete the entire session; recoverable.
session_destroy(); // End the current session.
Life cycle of SESSION:
Methods for controlling the session life cycle:
1. Prerequisite: The client supports COOKIE!
Method:
a>. Through the session:
void session_set_cookie_params(int lifetime [,string path] [,string domain] [,bool secure]);
b>. Through the cookie:
bool setcookie(string name [,string value] [,int expire] [,string path] [,string domain] [,bool secure]);
2. Prerequisite: The client does not support COOKIE!
If the client does not support cookies, the SESSION cannot be passed between pages. Solution:
a>. Prompt the user to turn on cookies before logging in.
b>. Use form POST/GET method to pass SESSION_ID.
c>. Set session.use_trans_sid=1 in the php.ini file or turn on --enable-trans-sid when compiling;
d>. Pass SESSION_ID through file or database;
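The four session steps and the cookie-based life-cycle control described above, combined in one script. This is an added example, not code from the original page; the 1800-second lifetime, the 'last_seen' and 'visits' keys, the 'logout' query parameter and the function names are assumptions, and the fifth argument of session_set_cookie_params() (httponly) is a real parameter that the signature quoted on this page does not show.

```php
<?php
// Added example. All names and the lifetime value are illustrative assumptions.
const LIFETIME = 1800; // seconds

function start_session(): void
{
    // lifetime, path, domain, secure (HTTPS only), httponly (hidden from JavaScript)
    session_set_cookie_params(LIFETIME, '/', '', true, true);
    session_start();                      // a) start: must precede any page output

    // The cookie lifetime is enforced by the browser, which the client controls,
    // so the server checks the age of the session as well.
    if (isset($_SESSION['last_seen']) && time() - $_SESSION['last_seen'] > LIFETIME) {
        $_SESSION = array();              // expired: drop the old data
        session_regenerate_id(true);      // issue a new ID and delete the old record
    }
    $_SESSION['last_seen'] = time();      // b) register a session variable
}

function end_session(): void
{
    $_SESSION = array();                  // d) clear the data
    if (ini_get('session.use_cookies')) { // expire the session cookie on the client
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 1,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();                    // remove the server-side record
}

start_session();

// c) use: create the variable if it does not exist, otherwise reuse it
$_SESSION['visits'] = ($_SESSION['visits'] ?? 0) + 1;

if (isset($_GET['logout'])) {
    end_session();
}
```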
SESSION performance optimization on the server:
On the server, saving all user sessions in the temporary directory reduces the security and efficiency of the server.
Solution: Store SESSION in a database or temporary file on the server.
Temporary file:
string session_save_path(string path);
Database:
When sessions are stored in temporary files and the website has a large number of views, querying the session becomes very inefficient. Storing sessions in a database is recommended.
bool session_set_save_handler(string open, string close, string read, string write, string destroy, string gc); // Use these callback functions to store the session in the database.
SESSION cache:
Caching temporarily stores information from a page in a folder designated on the client, and a validity time can be set. Once the page has been accessed for the first time and stored, accessing it again within this validity time reads the content directly from the cache, which improves the efficiency of page browsing.
string session_cache_limiter(string cache_limiter); // Cache function.
int session_cache_expire([int new_cache_expire]); // Effective time.
COOKIE introduction:
A cookie is a mechanism for storing data on the remote client and for tracking and identifying users. It is a text file in which the server temporarily stores data on the user's local machine. Text file format: "Username@Website address[number].txt"
COOKIE common functions:
a) Record certain information about visitors; b) pass variables between pages; c) store page content in cookies to improve the speed of the next visit.
Use COOKIE with caution:
a) Not all browsers support cookies.
b) Data is saved locally in clear text, so cookies are not suitable for sensitive information or unencrypted information.
c) Different types of browsers have size and number restrictions on cookie files: for example, at most 300 cookie files can be stored, each no larger than 4KB, and each domain name supports up to 20 cookie files. If the limit is exceeded, cookies are deleted at random.
Create COOKIE:
bool setcookie(string name [,string value] [,int expire] [,string path] [,string domain] [,bool secure]);
Read COOKIE:
$_COOKIE[];
Delete COOKIE:
a) setcookie("id", "", time() - 1); // The value is empty and the valid time is less than the current time. 0 means directly deleting the COOKIE.
b) Manual deletion: find the temporary cookie file on the client.
After calling setcookie(), the page must be refreshed before the cookie data can be read:
My personal understanding is that the session and cookie are transmitted between the client and the server. Before the page is displayed, we must obtain the corresponding data. Therefore, generally when obtaining http:// or https://, the session or cookie must be brought along. When setcookie() is executed, the cookie is only stored locally and the address does not yet bring the cookie with it. So you need to refresh, so that the server brings the cookie to the address protocol and sends it to the client, and then you can get the value.
For exactly this reason, the HTML page cannot have any output before session_start() or setcookie() above... So the cookie or session call has to come first, and nothing may be output ahead of it.