Home > Article > Backend Development > The principle and relationship between session and cookie in PHP 1_PHP tutorial
The principle and relationship between session and cookie in PHP 1_PHP tutorial
- WBOYOriginal
- 2016-07-14 10:07:08892browse
Friends who have shopping experience know that when purchasing goods, the website will record the goods you selected into the shopping cart. These are implemented using session and cookie technologies. Of course, different web platform technology implementation details are slightly different, but almost Both session and cookie are used.
Why are sessions and cookies used? It is necessary to talk about the http protocol. The HTTP protocol is stateless. In layman’s terms, you don’t know what happened in the previous second.
If you need to track a user’s status on the site, obviously this will not work. Let’s talk about COOKIE technology
Cookie: can be used to share some information on multiple pages. Cookies are supported by the HTTP protocol. When the browser requests a page from the server, the server returns an HTTP message + data, and the browser will parse the data received from the server. HTTP message to perform corresponding operations.
Server message:
HTTP/1.1 200 OK
Date: Thu, 06 Dec 2012 17:05:01 GMT
Server: Apache/2.2.17 (Win32) PHP/5.3.5
X-Powered-By: PHP/5.3.5
Set-Cookie: mycookie=Hello%2CCookie; expires=Thu, 06-Dec-2012 18:05:01 GMT; path=/
Content-Length: 44
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
This is where we only focus on Set-Cookie: mycookie=Hello%2CCookie; expires=Thu, 06-Dec-2012 18:05:01 GMT; path=/
This is the cookie information that tells the browser to save it. In layman’s terms, it means: “Browser please save this cookie information”
The format is a key-value pair such as a cookie. The key is: publicinfo and the value is: hello, cookie. The format is: publicinfo=hello,cookie
Browser request message:
GET /cookie/cookie1.php HTTP/1.1
Accept: */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; . NET4.0C; .NET4.0E; Tablet PC 2.0; InfoPath.2)
Accept-Encoding: gzip, deflate
Host: localhost
Connection: Keep-Alive
Cookie: C4vN_2132_saltkey=MW4qwm12; C4vN_2132_lastvisit=1354808405; C4vN_2132_sid=Dl9pU9; C4vN_2132_lastact=1354812024%09search.php%09forum; C4vN_2132_forum_lastvisit=D _36_1354812013; C4vN_2132_visitedfid=36; PHPSESSID=ggcr13idghctd9mi4gqllvcvs5; zhangqiang1=Hello%2CCookie
Here the browser sends the client's cookie information to the server, so that some status information can be maintained between the request and the response.
Use of cookies in PHP
There are two ways to use cookies in PHP,
1. Use the system function setcookie to set
2. Use header function to construct cookie message
With the previous knowledge, you know that these two functions actually do the same thing and the results are the same. In the end, the cookie information must be written into the HTTP message
Method 1:
setcookie(cookie key name, value, expiration time, access directory)
setcookie("mycookie","Hello,Cookie",time()+3600,"/");
echo "View Cookie";
?>
Method 2: (Here the cookie to be set is directly written into the HTTP message)
header("Set-Cookie: mycookie=123; expires=Tue, 04-Dec-2012 15:58:18 GMT");
echo "View Cookie";
Access cookies on the server side:
echo $_COOKIE["mycookie"];
?>
Accessing cookies is very simple, just use the super global array $_COOKIE, and fill in the cookie key in [].
The principle of using cookies is to know how some shopping websites or login functions are implemented, but cookies also have shortcomings
Security: Cookies are stored on the client side, which means they can be tampered with. Some important data cannot be stored in cookies, such as usernames and passwords.
Network transmission: Cookies must be included in HTTP request and response messages, so they cannot store too much data.