A summary of experience in using SESSION in PHP_PHP Tutorial
When the SESSION session is opened, a cookie that uniquely identifies the session_id of the browser will be sent first (the name is PHPSESSID and can be obtained through session_name()). In the same case as session.save_handler = files, in the specified directory of the server (such as temp) Generate a file without suffix, the name is
'sess_" + 'session_id';

This completes the basic settings. Then the next time an http request is initiated, the browser will first send all cookie names and values under the current domain name, so that the server can read the session file based on the session_id in the cookie without confusing who the session belongs to.
This step is as follows:
SESSION sends a unique cookie variable session_id to the browser. This session_id variable has a name and a value. The variable name (name) defaults to PHPSESSID, and the variable value (value) is a string randomly generated by apach, similar to rvag9m368vim7k8g4v7k2ank70. The session_id usually refers to this unique string rvag9m368vim7k8g4v7k2ank70.
Specifically, this is under the HTTP response header of FF:

session_start();
The above sentence in the program completes the above function. If you browse If the server does not send a PHPSESSID cookie, it will send one, and if it does, it will read the cookie, so that the same session can be maintained.
Okay now that we know how the session works, we can deduce that if we manually delete the file sess_rvag9m368vim7k8g4v7k2ank70 on the server side, then the session will be invalid. If the browser cookie is invalid, then the session will still be invalid.
In manual case:
On the server side, you can use
session_destroy() or session_unset()
to invalidate it.
On the browser side:
You can directly
?setcookie('PHPSESSID','',123);
Let the cookie expire, or another way, but it cannot expire immediately
? session_set_cookie_params($time);//The seconds on the current timestamp, such as 60, that is, let it expire after 60 seconds. Do not use the timestamp + the time you set.
The above mentioned are all about letting the session expire early, but is it possible to directly delay the session? In addition to modifying the configuration (session.gc_maxlifetime), the expiration time is set in session.gc_maxlifetime in php.ini. At this time, there is a probability that session.gc_probability /session.gc_divisor will be recycled. If this time is reached and the GC process is started, the GC will read the modification time (mtime) of the session file and find that it is greater than session.gc_maxlifetime after subtracting the current time, and delete it immediately. At this point, we understand how to maintain this session. It can only be maintained within session.gc_maxlifetime. A user must be accessing it. The session must be modified every time it is accessed. This way, the session will have more survival time than session.gc_maxlifetime. .
Also talk about session.cookie_lifetime, which sets the survival time of PHPSESSID in the browser. The default is 0. I found it to be normal under IE. The cookie will become invalid when the browser is restarted; it continues to exist under FF. You can use session_set_cookie_params to set session.cookie_lifetime,
?session_set_cookie_params(60);//60 s session_start();
session.gc_maxlifetime and session.cookie_lifetime jointly determine the lifetime of the session.
-------------------------------------------------- ----------------
I just looked for information on firefox cookie session expiration and found the following
This is apparently by design. Check out this Bugzilla bug: https: //bugzilla.mozilla.org/show_bug.cgi?id=443354
Firefox has a feature where you close Firefox and it offers to save all your tabs, and then you restore the browser and those tabs come back. That's called session restore. What I didn't realize is that it'll also restore all the session cookies for those pages too! It treats it like you had never closed the browser.
This makes sense in the sense that if your browser crashed you get right back to where you were, but is a little disconcerting for web devs used to session cookies getting cleared. I've got some old session cookies from months ago that were set by sites I always have open in tabs.
To test this out, close all the tabs in your browser, then close the browser and restart it. I think the session cookies for your site should clear in that case. Otherwise you'd have to turn off session restore.
This is the session saving function of Firefox, and this is how FF is designed. You can do this test by closing all the tabs in your browser, then close the browser and restart it to see if it is still saved.

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

Notepad++7.3.1
Easy-to-use and free code editor

SublimeText3 Chinese version
Chinese version, very easy to use

Zend Studio 13.0.1
Powerful PHP integrated development environment

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Hot Topics

JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,

Regarding the problem of inconsistent width of emsp spaces in HTML and Chinese characters in many web tutorials, it is mentioned that occupying the width of a Chinese character, but the actual situation is not...

Realize the gap effect of card coupon layout. When designing card coupon layout, you often encounter the need to add gaps on card coupons, especially when the background is gradient...

How to select and style elements of the first specific class using CSS and JavaScript? In web development, you often encounter the need to select and modify specific classes...

How to achieve the 45-degree curve effect of segmenter? In the process of implementing the segmenter, how to make the right border turn into a 45-degree curve when clicking the left button, and the point...

JavaScript Naming Specification and Android...

Implementing the CSS font gradient effect Many developers hope to achieve cool font gradient effect on web pages. This article will explain in detail how to use CSS3 to implement the graph...

How to distinguish between closing tabs and closing entire browser using JavaScript on your browser? During the daily use of the browser, users may...
