Home  >  Article  >  Backend Development  >  33 PHP Sessions

33 PHP Sessions

WBOY
WBOYOriginal
2016-07-30 13:29:401103browse

PHP session variables are used to store information about a user session, or to change the settings of a user session. The information held by the Session variable is single-user and available to all pages in the application.


PHP Session Variables
When you run an application, you open it, make changes, and then close it. It's a lot like a session. The computer knows who you are. It knows when you start the application and when it terminates it. But on the Internet, there's a problem: the server doesn't know who you are and what you do, and that's because HTTP addresses don't maintain state.
PHP sessions solve this problem by storing user information on the server for subsequent use (such as user name, purchased items, etc.). However, session information is temporary and will be deleted after the user leaves the site. If you need to store information permanently, you can store the data in a database.
The working mechanism of Session is to create a unique ID (UID) for each visitor and store variables based on this UID. The UID is stored in a cookie or passed through the URL.


Start PHP Session
Before you can store user information in a PHP session, you must first start the session.
Note: The session_start() function must be placed before the < html> tag:

<code><span><span><?php</span> session_start(); <span>?></span></span><span><<span>html</span>></span><span><<span>body</span>></span><span></<span>body</span>></span><span></<span>html</span>></span></code>

The above code will register the user's session with the server so that you can start saving user information, and will assign a UID to the user's session.


Storing Session variables
The correct way to store and retrieve session variables is to use the PHP $_SESSION variable:

<code><span><span><?php</span>
session_start();
<span>// store session data</span><span>$_SESSION</span>[<span>'views'</span>]=<span>1</span>;
<span>?></span></span><span><<span>html</span>></span><span><<span>body</span>></span><span><span><?php</span><span>//retrieve session data</span><span>echo</span><span>"Pageviews="</span>. <span>$_SESSION</span>[<span>'views'</span>];
<span>?></span></span><span></<span>body</span>></span><span></<span>html</span>></span>
输出:
Pageviews=1</code>
<code>在下面的例子中,我们创建了一个简单的 page-view 计数器。<span>isset</span>() 函数检测是否已设置 <span>"views"</span> 变量。如果已设置 <span>"views"</span> 变量,我们累加计数器。如果 <span>"views"</span> 不存在,则我们创建 <span>"views"</span> 变量,并把它设置为 <span>1</span>:
<span><?php</span>
session_start();

<span>if</span>(<span>isset</span>(<span>$_SESSION</span>[<span>'views'</span>]))
  <span>$_SESSION</span>[<span>'views'</span>]=<span>$_SESSION</span>[<span>'views'</span>]+<span>1</span>;

<span>else</span><span>$_SESSION</span>[<span>'views'</span>]=<span>1</span>;
<span>echo</span><span>"Views="</span>. <span>$_SESSION</span>[<span>'views'</span>];
<span>?></span></code>

Terminate Session
If you wish to delete some session data, you can use the unset() or session_destroy() function.
The unset() function is used to release the specified session variable:

<code><span><span><?php</span><span>unset</span>(<span>$_SESSION</span>[<span>'views'</span>]);
<span>?></span></span>
您也可以通过 session_destroy() 函数彻底终结 session:
<span><span><?php</span>
session_destroy();
<span>?></span></span>
注释:session_destroy() 将重置 session,您将失去所有已存储的 session 数据。</code>

The difference between cookie and session:

Specifically, the cookie mechanism uses a solution that maintains state on the client side, while the session mechanism uses a solution that maintains state on the server side. status program. At the same time, we have also seen that since the solution of maintaining state on the server side also needs to save an identity on the client side, the session mechanism may need to use the cookie mechanism to achieve the purpose of saving the identity, but in fact it has other options.

<code>cookie机制。正统的cookie分发是通过扩展HTTP协议来实现的,服务器通过在HTTP的响应头中加上一行特殊的指示以提示浏览器按照指示生成相应的cookie。然而纯粹的客户端脚本如JavaScript或者VBScript也可以生成cookie。而cookie的使用是由浏览器按照一定的原则在后台自动发送给服务器的。浏览器检查所有存储的cookie,如果某个cookie所声明的作用范围大于等于将要请求的资源所在的位置,则把该cookie附在请求资源的HTTP请求头上发送给服务器。
cookie的内容主要包括:名字,值,过期时间,路径和域。路径与域一起构成cookie的作用范围。若不设置过期时间,则表示这个cookie的生命期为浏览器会话期间,关闭浏览器窗口,cookie就消失。这种生命期为浏览器会话期的cookie被称为会话cookie。会话cookie一般不存储在硬盘上而是保存在内存里,当然这种行为并不是规范规定的。若设置了过期时间,浏览器就会把cookie保存到硬盘上,关闭后再次打开浏览器,这些cookie仍然有效直到超过设定的过期时间。存储在硬盘上的cookie可以在不同的浏览器进程间共享,比如两个IE窗口。而对于保存在内存里的cookie,不同的浏览器有不同的处理方式
session机制。session机制是一种服务器端的机制,服务器使用一种类似于散列表的结构(也可能就是使用散列表)来保存信息。

当程序需要为某个客户端的请求创建一个session时,服务器首先检查这个客户端的请求里是否已包含了一个session标识(称为session id),如果已包含则说明以前已经为此客户端创建过session,服务器就按照session id把这个session检索出来使用(检索不到,会新建一个),如果客户端请求不包含session id,则为此客户端创建一个session并且生成一个与此session相关联的session id,session id的值应该是一个既不会重复,又不容易被找到规律以仿造的字符串,这个session id将被在本次响应中返回给客户端保存。
保存这个session id的方式可以采用cookie,这样在交互过程中浏览器可以自动的按照规则把这个标识发挥给服务器。一般这个cookie的名字都是类似于SEEESIONID。但cookie可以被人为的禁止,则必须有其他机制以便在cookie被禁止时仍然能够把session id传递回服务器。
经常被使用的一种技术叫做URL重写,就是把session id直接附加在URL路径的后面。还有一种技术叫做表单隐藏字段。就是服务器会自动修改表单,添加一个隐藏字段,以便在表单提交时能够把session id传递回服务器。比如:
 <form name="testform" action="/xxx">
 <input type="hidden" name="jsessionid" value="ByOK3vjFD75aPnrF7C2HmdnV6QZcEbzWoWiBYEnLerjQ99zWpBng!-145788764">
 <input type="text">
 </form>
</code>

In fact, this technique can be simply replaced by applying URL rewriting to the action

The above has introduced 33 PHP Sessions, including aspects of the content. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn