Home  >  Article  >  Backend Development  >  PHP Session configuration detailed (php.ini) tutorial_PHP tutorial

PHP Session configuration detailed (php.ini) tutorial_PHP tutorial

WBOY
WBOYOriginal
2016-07-13 10:47:411903browse

In PHP, we can set up Session configuration directly in php.ini. Now I will give you some reference instructions for specifically configuring session in php.ini.


Session configuration instructions in php.ini

The following introduces the necessary configuration steps to enable the session to run

When manually configuring the PHP running environment, the most easily forgotten item is the storage directory configuration of the server-side session file. Open the php.ini file, search for Session, and find session.save_path. The default value is /tmp, which represents the session file. Save it in the c:/tmp directory. The default tmp directory has not been created. You can create a tmp directory under the c drive, or create another directory, such as leapsoulcn, then modify the value of session.save_path and remove;, that is,

session.save_path = ‘/leapsoulcn’;

Notes:

1. Generally, in order to ensure the security of the server, it is best to set the session.save_path value to a directory that is inaccessible from the external network. In addition, if you are configuring the session under a Linux server, please be sure to also configure this directory with read and write permissions. , otherwise an error will be reported when performing session operations.

 2. When using session variables, in order to ensure the security of the server, it is best to set register_globals to off to ensure that global variables are not confused. When using session_register() to register session variables, you can use the system global variable $ _SESSION to access. For example, if you register the leapsoulcn variable, you can access this variable through $_SESSION['leapsoulcn']. Detailed description of PHP environment variable $_SERVER and system constants

Other instructions for session.save_path configuration, translated from the php.ini configuration file

You can use the pattern "N;[MODE;]/path" to define the path. N is an integer, which means using N-level subdirectories instead of saving all data files in one directory.

 [MODE;] Optional, must use octal number, default 600 (=384), indicating the maximum number of session files saved in each directory. [MODE;] does not rewrite the process's umask. PHP does not create these folder structures automatically. It can be created using the mod_files.sh script in the ext/session directory. If the folder can be accessed by insecure users (such as the default "/tmp"), it will cause security vulnerabilities. Automatic garbage collection will fail when N>0. For details, see the section on garbage collection below.

If you have multiple virtual hosts on your server, it is recommended to set up different directories for each different virtual host.

Now the most basic session configuration is completed. You only need to save php.ini and restart apache to use the session function.

Other session configuration instructions

session.save_handler = “files”

By default, session data is accessed in file mode. If you want to use a custom processor to access session data, such as a database, use "user".

session.use_cookies = 1

Whether to use cookies to save the session ID on the client, the default is to use cookies

session.use_only_cookies = 0

Whether to only use cookies to save the session session id on the client. This option allows the administrator to prohibit users from passing the id through the URL. The default is 0. If disabled, the session will not work if the client disables cookies.

session.name = “PHPSESSID”

Session identification name used as cookie name

session.auto_start = 0

Whether to automatically start the session, it is not started by default. We know that when using the session function, we basically start the session through the session_start() function in the head of every php script. If you enable this option, then in every The script header will automatically start the session. There is no need for each script header to start the session with the session_start() function. It is recommended to turn off this option and use the default value.

session.cookie_lifetime = 0

Pass the cookie validity period (seconds) of sessionid, 0 means it is only valid while the browser is open.

session.gc_probability = 1

session.gc_divisor = 100

Define the probability of starting the garbage collection process every time a session is initialized. The calculation formula is as follows: session.gc_probability/session.gc_divisor. For example, 1/100 means that there is a 1% probability of starting the garbage collection program. The more frequently the session page is accessed, the smaller the probability should be. The recommended value is 1/1000~5000.

session.gc_maxlifetime = 1440

Set the lifetime of the saved session file. After the number of seconds set by this parameter is exceeded, the saved data will be regarded as 'garbage' and cleaned up by the garbage collection program. The judgment criterion is the last time the data was accessed (for the FAT file system, the last time the data was refreshed). If multiple scripts share the same session.save_path directory but have different session.gc_maxlifetimes, the minimum value among all session.gc_maxlifetime directives will prevail.

If you set a subdirectory to store session data files in the session.save_path option, the garbage collection program will not start automatically. You must use your own shell script, cron item, or other methods to perform garbage collection.

For example, set "session.gc_maxlifetime=1440" (24 minutes):

cd /path/to/sessions; find -cmin +24 | xargs rm

The above are descriptions of some commonly used session configuration options. For more descriptions of session configuration options, you can refer to the descriptions in the php.ini file.

At this point, the PHP tutorial for configuring the session in the php.ini configuration file has been introduced. Through the practice and learning of the above steps, the basic session functions can be used. As for other aspects such as session performance, you need to depend on the server. The environment and needs have been fine-tuned, you have to experience this yourself.

Attachment 1

[Session]
session.save_handler = files ; Control method for saving/retrieving data
session.save_path = C:wintemp ; Parameters passed to the controller when save_handler is set to a file,
; This is the path where the data file will be saved.
session.use_cookies = 1 ; Whether to use cookies
session.name = PHPSESSID
; The name of the session used in the cookie
session.auto_start = 0 ; Initialize session
when request starts session.cookie_lifetime = 0 ; is the cookie storage time in seconds,
; Or when it is 0, until the browser is restarted
session.cookie_path = / ; Valid path of cookie
session.cookie_domain = ; Valid domain of cookie
session.serialize_handler = php ; Controller used to connect data
                                                                                   
session.gc_probability = 1 ; 'garbage collection (defragmentation)' process by percentage
Possibility to start every session initialization.
session.gc_maxlifetime = 1440 ; After the number of seconds referred to here, saved data will be considered
                                                                                                                                   
session.referer_check = ; Check HTTP referrers to invalidate additional ids included in URLs
session.entropy_length = 0 ; How many bytes to read from the file
session.entropy_file = ; Specify here to create session id
; session.entropy_length = 16
; session.entropy_file = /dev/urandom
session.cache_limiter = nocache; Set to {nocache, private, public} to determine the HTTP
                                               session.cache_expire = 180 ; The document expires after n minutes
session.use_trans_sid = 1 ; Use transitional sid support, if enabled at compile time
; --enable-trans-sid
url_rewriter.tags = "a=href,

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/632845.htmlTechArticleIn the Session configuration in PHP, we can set it directly in php.ini. Let me introduce to you the settings in php. Some reference instructions for specifically configuring session in .ini. Session configuration instructions in php.ini...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn