Home > Article > Backend Development > Simple and easy to understand, how Session works (transferred)_PHP Tutorial
Let’s take a look at how Session works. I wonder if you know that identity authentication is achieved through cookies. First, a unique cookie is generated as a sign of user identity and registered in the database. The cookie passed by the user is then compared with the cookie registered in the database to determine the user's identity.
Session works the same way.
First, PHP generates a unique string for the user who created the session to identify the user's session. This string is generally called Session Id. Then "sess" + Session Id is the file name (for example, if a Session ID is 111, then the file name is sess_111), create a file in the server's file system, and save the variable names and values of the global variables defined by the user in the Session in the file. Then the Session Id is saved in the user's file system as a cookie named PHPSession.
Then, when the user connects to the server again to access a PHP script, PHP gets the Session Id of the session where the user is from the PEESession cookie sent by the user, and saves the session information file from the server's file system based on the Session Id. Finally, the value of the global variable set by the user during the last connection is read from this file.
Therefore, we can see that the working principle of Session is the same as the working principle of identity authentication introduced in the previous section. The only difference is that Session saves the information in the server's file system, and we save the information in the database. Of course, the advantage of using Session is that data saving and retrieval are automatically completed by PHP, but if you use Cookie directly, you need to save and obtain data yourself.
Session uses the identity mark function of Cookie to save the information that users need to save when browsing the website on the server. In this way, Session not only overcomes the shortcomings of the HTTP protocol, but also prevents information leakage, and is convenient for programmers to use. It is a very good solution. However, the Session function is only supported by PHP4, and PHP3 does not support Session. Therefore, readers who use PHP3 to build websites can only use cookies directly.