How to use infinite lifetime Session (_PHP tutorial-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

How to use infinite lifetime Session (_PHP tutorial

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jul 20, 2016 am 11:05 AM

sessionNousemethodunlimitedExpectof

Method of using unlimited lifetime Session
This article cannot be said to be very good, but I believe that most PHPers have thought about these issues.
How to use unlimited lifetime Session
Added support for Session in PHP4.0, which facilitates many of our programs, such as shopping carts, etc.!
In many forums, Session is also used to process user logins and record usernames and passwords, so that users do not have to enter their usernames and passwords every time! However, the life span of a general Session is limited. If the user closes the browser, the Session variables cannot be saved! So how can we achieve the permanent life span of Session?
As we all know, the Session is stored on the server side. The user's file is obtained based on the SessionID provided by the client, and then the file is read to obtain the value of the variable. The SessionID can use the client's Cookie or the Query_String of the Http1.1 protocol (that is, (the part after the "?" in the accessed URL) is transmitted to the server, and then the server reads the directory of the Session...
To realize the permanent life of the Session, you first need to understand the relevant settings of the Session in php.ini (open php.ini file, in the "[Session]" section):
1. session.use_cookies: The default value is "1", which means that the SessionID is passed by Cookie, otherwise it is passed by Query_String;
2. session.name: This is the variable name stored in SessionID. It may be passed by Cookie or Query_String. The default value is "PHPSESSID";
3. session.cookie_lifetime: This represents the time that SessionID is stored in the client cookie. The default is 0, which means that the SessionID will be invalidated as soon as the browser closes it... It is because of this that the Session cannot be used permanently!
4. session.gc_maxlifetime: This is the time that Session data is stored on the server side. If this time is exceeded, the Session data will be automatically deleted!
There are many more settings, but these are the ones related to this article. Let’s start with the principles and steps of using permanent Session.
As mentioned before, the server reads Session data through SessionID, but generally the SessionID sent by the browser is gone after the browser is closed, so we only need to manually set the SessionID and save it, no...
If you have the permission to operate the server, setting this is very, very simple. You just need to perform the following steps:
1. Set "session.use_cookies" to 1 and turn on Cookie to store SessionID, but the default is 1. , generally no need to modify;
2. Change "session.cookie_lifetime" to positive infinity (of course there is no parameter for positive infinity, but there is no difference between 999999999 and positive infinity);
3. Set "session.gc_maxlifetime" It is the same time as "session.cookie_lifetime";
After setting, open the editor and enter the following code:

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How does PHP identify a user's session?May 01, 2025 am 12:23 AM

PHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.

What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AM

The security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.

Where are PHP session files stored by default?May 01, 2025 am 12:15 AM

PHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita

How do you retrieve data from a PHP session?May 01, 2025 am 12:11 AM

ToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si

How can you use sessions to implement a shopping cart?May 01, 2025 am 12:10 AM

The steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.

How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PM

The article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.

What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PM

The article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.

How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PM

Article discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

What's New in Windows 11 KB5054979 & How to Fix Update Issues

3 weeks agoByDDD

How to fix KB5055523 fails to install in Windows 11?

3 weeks agoByDDD

InZoi: How To Apply To School And University

4 weeks agoByDDD

How to fix KB5055518 fails to install in Windows 10?

3 weeks agoByDDD

Where to find the Site Office Key in Atomfall

4 weeks agoByDDD

Hot Tools

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software