Backend Development
PHP Tutorial
Detailed explanation of the difference between cookie and session
Detailed explanation of the difference between cookie and session
Detailed explanation of the difference between cookie and session
These are basic knowledge, but it is necessary to understand it in depth. Let’s give a brief introduction first.
Definition of the two:
When you are browsing the website, the WEB server will first send a small piece of information to your computer, and the cookie will help you type on the website. The text or some selections are
recorded. The next time you visit the same website, the WEB server will first check to see if there is any cookie information it left last time. If so, it will judge the user based on the content in Cookie
and send a specific message. web content for you. The use of cookies is very common. Many websites that provide personalized services use Cookie
to identify users so as to send user-tailored content, such as free email websites with Web interfaces. All use cookies.
Specifically, the cookie mechanism uses a solution that maintains state on the client side, while the session mechanism uses a solution that maintains state on the server side.
At the same time, we also see that since the solution of maintaining state on the server side also needs to save an identity on the client side, the session mechanism may need to use the cookie mechanism
to achieve the purpose of saving the identity. , but it actually has other options.
Cookie mechanism. Orthodox cookie distribution is achieved by extending the HTTP protocol. The server adds a special line of instructions to the HTTP response header to prompt the browser to generate the corresponding cookie according to the instructions. However, pure client-side scripts such as JavaScript or VBScript can also generate cookies. The use of cookies is automatically sent to the server by the browser in the background according to certain principles. The browser checks all stored cookies. If the scope
declared by a cookie is greater than or equal to the location of the resource to be requested, the cookie is attached to the HTTP request header of the requested resource and sent to the server.
The content of cookie mainly includes: name, value, expiration time, path and domain. The path and domain together form the scope of the cookie. If the expiration time is not set, it means that the lifetime of these
cookies is during the browser session. When the browser window is closed, the cookie will disappear. This type of cookie that lasts for the duration of the browser session is called a session cookie.
Session cookies are generally not stored on the hard disk but in memory. Of course, this behavior is not regulated by the specification. If an expiration time is set, the browser will save the cookie
to the hard disk. If you close and open the browser again, these cookies will still be valid until the set expiration time is exceeded. Cookies stored on the hard disk can be shared between different browser processes, such as two IE windows. For cookies stored in memory, different browsers have different processing methods
session mechanisms. The session mechanism is a server-side mechanism. The server uses a structure similar to a hash table (or may use a hash table) to save information.
When the program needs to create a session for a client's request, the server first checks whether the client's request already contains a session identifier
(called session id). If so, Contains indicates that a session has been created for this client before, and the server will retrieve this session according to the session id
(if it cannot be retrieved, a new one will be created). If the client request does not contain the session id, then For this purpose, the client creates a session and generates a session id associated with this session. The value of the session id should be a string that is neither repeated nor easy to find patterns to counterfeit. This The session id will be returned to the client in this response
for storage. The method of saving this session id can use cookies, so that during the interaction process, the browser can automatically send this identifier to the
server according to the rules. Generally, the name of this cookie is similar to SEEESIONID. But cookies can be artificially disabled, and there must be other mechanisms so that when cookies are disabled, the session id can still be passed back to the server.
A frequently used technique is called URL rewriting, which is to append the session id directly to the end of the URL path. There is also a technique called form hidden fields. That is, the server
will automatically modify the form and add a hidden field so that the session id can be passed back to the server when the form is submitted. for example:
ррреее
На самом деле этот прием можно просто заменить, применив к действию перезапись URL.
Разница между файлами cookie и сеансами:
1. Данные файлов cookie хранятся в браузере клиента, а данные сеанса размещаются на сервере.
2. Файлы cookie не очень безопасны. Другие могут проанализировать файлы cookie, хранящиеся локально, и провести обман с использованием файлов cookie.
Учитывая безопасность, следует использовать сеанс.
3.Сессия будет сохранена на сервере в течение определенного периода времени. Когда доступ увеличится, это потребует большей производительности вашего сервера
Учитывая снижение производительности сервера, следует использовать COOKIE.
4. Размер данных, сохраняемых одним файлом cookie, не может превышать 4 КБ. Многие браузеры ограничивают сохранение на сайте до 20 файлов cookie.
5. Личное предложение:
Храните важную информацию, такую как данные для входа в систему, как SESSION
Если необходимо сохранить другую информацию, ее можно поместить в COOKIE
В этой статье объясняется файлы cookie и сеансы. Для подробного объяснения разницы посетите китайский веб-сайт php, где можно найти дополнительную информацию.
Рекомендации по теме:
Простой PHP-класс подкачки MySQL
Две конструкции древовидных массивов без функции рекурсии
#Преобразование HTML в Excel и реализация функций печати и загрузки
The above is the detailed content of Detailed explanation of the difference between cookie and session. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1389
52
Where are the cookies on your computer?
Dec 22, 2023 pm 03:46 PM
Cookies on your computer are stored in specific locations on your browser, depending on the browser and operating system used: 1. Google Chrome, stored in C:\Users\YourUsername\AppData\Local\Google\Chrome\User Data\Default \Cookies etc.
Where are cookies stored?
Dec 20, 2023 pm 03:07 PM
Cookies are usually stored in the cookie folder of the browser. Cookie files in the browser are usually stored in binary or SQLite format. If you open the cookie file directly, you may see some garbled or unreadable content, so it is best to use Use the cookie management interface provided by your browser to view and manage cookies.
How to solve session failure
Oct 18, 2023 pm 05:19 PM
Session failure is usually caused by the session lifetime expiration or server shutdown. The solutions: 1. Extend the lifetime of the session; 2. Use persistent storage; 3. Use cookies; 4. Update the session asynchronously; 5. Use session management middleware.
Solution to PHP Session cross-domain problem
Oct 12, 2023 pm 03:00 PM
Solution to the cross-domain problem of PHPSession In the development of front-end and back-end separation, cross-domain requests have become the norm. When dealing with cross-domain issues, we usually involve the use and management of sessions. However, due to browser origin policy restrictions, sessions cannot be shared by default across domains. In order to solve this problem, we need to use some techniques and methods to achieve cross-domain sharing of sessions. 1. The most common use of cookies to share sessions across domains
Where are the mobile cookies?
Dec 22, 2023 pm 03:40 PM
Cookies on the mobile phone are stored in the browser application of the mobile device: 1. On iOS devices, Cookies are stored in Settings -> Safari -> Advanced -> Website Data of the Safari browser; 2. On Android devices, Cookies Stored in Settings -> Site settings -> Cookies of Chrome browser, etc.
What are the differences between JavaScript and PHP cookies?
Sep 02, 2023 pm 12:29 PM
JavaScriptCookies Using JavaScript cookies is the most effective way to remember and track preferences, purchases, commissions and other information. Information needed for a better visitor experience or website statistics. PHPCookieCookies are text files that are stored on client computers and retained for tracking purposes. PHP transparently supports HTTP cookies. How do JavaScript cookies work? Your server sends some data to your visitor's browser in the form of a cookie. Browsers can accept cookies. If present, it will be stored on the visitor's hard drive as a plain text record. Now, when a visitor reaches another page on the site
How cookies work
Sep 20, 2023 pm 05:57 PM
The working principle of cookies involves the server sending cookies, the browser storing cookies, and the browser processing and storing cookies. Detailed introduction: 1. The server sends a cookie, and the server sends an HTTP response header containing the cookie to the browser. This cookie contains some information, such as the user's identity authentication, preferences, or shopping cart contents. After the browser receives this cookie, it will be stored on the user's computer; 2. The browser stores cookies, etc.
Detailed explanation of where browser cookies are stored
Jan 19, 2024 am 09:15 AM
With the popularity of the Internet, we use browsers to surf the Internet have become a way of life. In the daily use of browsers, we often encounter situations where we need to enter account passwords, such as online shopping, social networking, emails, etc. This information needs to be recorded by the browser so that it does not need to be entered again the next time you visit. This is when cookies come in handy. What are cookies? Cookie refers to a small data file sent by the server to the user's browser and stored locally. It contains user behavior of some websites.
