Use Cookies and User Sessions
Cookies
Cookies to store some smaller information about the user. It corresponds to a request from the server or script. Through a user's browser, a host can request to save 20 cookies. Each cookie contains a name, value and expiration date, as well as host and path information. The size limit for a single cookie is 4kb. After setting the cookie, only the host making the request can read the data, which ensures that user privacy is respected. In addition, the user can configure his browser to notify him to accept or reject all cookie requests.
The Set-Cookie item in the header sent by a PHP script that sets a cookie may be as follows:
Set-Cookie:vegetable=artichoke;path=/;domain=yourdomain.com
Set-Cookie header contains:
A name/value pair (vegetable=artichoke),
A path (path=/) and a domain (domain=yourdomain.com).
If the expiration field is set, it provides the value of the date on which the browser "forgot" the cookie. If no expiration date is set, the cookie will expire when the user session expires, that is, when the user closes the browser.
The path field and the domain field work together, because the path is a directory where the domain is found, and the cookie should be sent back to the directory under this directory of the server. If the path is "/", which is a very common value, it means that the cookie can be read by any file in the document root.
If the path is "/products", this cookie can only be read by files in the /products directory of the website.
Subsequently, a PHP script will be able to access the cookies. Cookies are in the environment variable HTTP_COOKIE or as part of the $_COOKIE superglobal variable. They can be accessed in three ways:
echo $_SERVER["HTTP_COOKIE"]; echo getenv("HTTP_COOKIE"); echo $_COOKIE["vegetable"];
Set Cookies
<?php /** *setcookie()函数输出一个Set-Cookie标头。它应该在任何其他内容发送给浏览器之前调用。 *参数:cookie名字、cookie值、过期日期、路径、域、一个整数 *如果cookie仅通过一个安全的连接发送的话,这个整数的值设为1。0表示在一个非安全的环境中发送。 */ setcookie("vegetable","artichoke",time()+3600,"/","localhost",0); if (isset($_COOKIE["vegetable"])){ echo "<p>Hello again,you hava chosen:".$_COOKIE["vegetable"].".</p>"; }else { echo "<p>Hello you.This may be your first visit.</p>"; } ?>
The same way to securely delete cookies To call the setcookie() function, just use a time that has definitely expired, such as time()-60.
User Sessions
The session function provides the user with a unique identifier that can then be used to store and retrieve information connected to that identifier. When a visitor accesses a session-enabled page, either a new identifier is assigned, or the user is reassociated with an identifier already established by a previous visit. Any variables that are already associated with the session are made available to your code through the $_SESSION superglobal variable. Session state is usually stored in a temporary file, although you can implement database storage using a function called session_set_save_handler().
Start a session, return the ID, and store the variable as session1.php.
<?php session_start(); echo "<p>Your session ID is ".session_id().".</p>"; $_SESSION["product1"] = "Sonic Screwdriver"; $_SESSION["product2"] = "HAL 2000"; echo "The products have been registered."; ?>
To access the stored session variables, use the session_save_path() function to check where the temporary file is saved in the system and save it as sesson2.php.
<?php session_start(); echo "Your chosen products are:"; echo "<ul>"; echo "<li>".$_SESSION["product1"]."</li>"; echo "<li>".$_SESSION["product2"]."</li>"; echo "</ul>"; echo session_save_path(); ?>
First access the server's session1.php, the result is as follows:
Then access the session2.php under the server, the result is as follows:
Find sess_curdcq4agn11gq4fdj4bq2kj33 in this path, open it with Notepad, and you can see How registered variables are saved.
When a value is placed in the $_SESSION superglobal variable, PHP writes the variable name and value to a file, this information can be read and the variable can be restored later. After we add this variable to the superglobal variable $_SESSION, you can still modify its value at any time during script execution. However, this modified value will not be reflected in the global settings until the variable is reassigned. To the superglobal variable $_SESSION.