The relationship between cookies and sessions in PHP and session configuration

This article mainly introduces the relationship between cookies and sessions in PHP and session configuration. It has certain reference value. Now I share it with you. Friends in need can refer to it

1. Settingscookie ：

setcookie(cookie键的名称,值,过期时间)；
setcookie('mainuser','YUEWEN',time()+3600);

2. Read cookie ：

echo $_COOKIE['mainuser'];

3. Delete cookie : Set the validity period to the past time

setcookie('mainuser',time()-60);

4. Set session:

$_SESSION['Muser'] = 'HUAXIANG';

5. Read session:

echo $_SESSION['Muser']';

6. Delete SESSION:

$_SSESSION = array();  //将session的值全部清空，文件保留
unset（$_SESSION['Muser']）;  //将该session删除
session_destroy();  //将session连同文件一并删除

7. The difference between cookie and session:

Cookie is stored on the client side, and session is stored on the server side.

Since cookies are stored on the client, they have low security (risk of tampering), and session security is high.

Cookies have a size limit of 4K and can only store 20 cookies. There is no limit on sessions (cookies need to form response headers that cannot be too lengthy).

Cookie only supports storing strings, and session can store all types (files, serialized strings).

8. What cookies and sessions have in common:

They are also session technologies, providing memory functions for the http protocol and sharing data set by different pages;

9. The connection between cookie and session:

1. session depends on cookie , because the HTTP protocol is stateless. Saving the state on the server side also requires storing an identifier on the client side. This identifier is stored in cookie , and the default key is $_COOKIE['PHPSESSID']：

F12-Network-Response Headers Display information:

Set-Cookie: PHPSESSID=erv417ai3mh5p85kp9cvasdc46;

         2. After generating the file, if you request again, the information of the corresponding file will be directly read based on the value of this PHPSESSIONID, without setting the cookie ;

F12-Network-Request Headers Display information:

Cookie: PHPSESSID=erv417ai3mh5p85kp9cvasdc46

After disabling cookies, you can pass the PHPSESSID to the server through get or post methods,

或者修改配置：

session.use_only_cookies=0;
session.use_trans_sid=1

4.session有关配置：

php.ini 查找[session]下： （.htaccess及程序代码ini_set( )可改，具体根据PHP官方手册的函数设置规则）

session.save_handler = files    //设置session保存方式（文件）；可改为memeche，redis等缓存保存；

session.save_path = D：/temp   //session保存路径；

session.use_cookies = 1   //session是否使用cookie的功能（预设1，启动），session基于cookie使用；

session.name = PHPSESSION   //session传递到cookie的键名，于网络的请求/响应头可查看；

session.auto_start = 0   //是否自动启动session（预设0），一般不设置为1，因自动启动将每次自动调用session_start( )时向响应头传递session数据，将影响对图片文件的处理；

session.cookie_lifetime = 0   //(预设0,随浏览器关闭而消失)，session使用cookie的生存期，以秒为单位；

session.cookie_path = /     //session使用cookie的有效路径，预设为在项目根目录下有效；

session.serialize_handler = php      // 序列化和反序列化处理器；

session.gc_probebility = 1    //（分子）垃圾收集的处理几率（预设：1）；

session.gc_pisor = 1000    //（分母）设置进程比率（php5新增参数），按千分之一的比率进行垃圾收集，即当session失效时删除垃圾文件，根据实际需要设置，如果100/100几率则太消耗服务器资源；

session.gc_maxlifetime = 1440   //被处理钱session文件的生存期（预设：1440秒），以上三项参数同时设置；

session小应用：防止刷新执行操作：

if (!empty($_POST) && !isset($_SESSION['flag'])) {
	$res = fopen('a.txt','a');   //只写
	$bool = fwrite($res,$_POST['username']);
	fclose($res);
	$_SESSION['flag'] = 1;   //第二次刷新请求该值则已存在，不执行以上程序
}

相关推荐：

理解PHP中的Session及对Session有效期的控制，session有效期

php cookie类(设置、获取、删除cookie值)

The above is the detailed content of The relationship between cookies and sessions in PHP and session configuration. For more information, please follow other related articles on the PHP Chinese website!