PHP session control session and cookie introduction

1. Cookie

1>Cookie introduction

Cookie is data stored in the client browser. User data can be tracked and stored through Cookie. Generally, cookies are returned from the server to the client through HTTP headers. Most web programs support the operation of cookies because cookies exist in HTTP headers.
In PHP, the cookie is set through the setcookie function. For any cookie sent back from the browser, PHP will automatically store it in the form of

_COOKIE[‘key’] to read a cookie value.
When using a session, a cookie is usually used to store the session ID to identify the user. The cookie has a validity period. When the validity period expires, the cookie will be automatically deleted from the client.

2>Set cookie
setcookie()
Meaning: Used to set cookies. There are 7 parameters in the setcookie() function (only 5 commonly used parameters).
Syntax: setcookie(name,value,expire,path,domain,secure,httponly)
Return value: If there is output before calling this function, setcookie() will fail and return FALSE. If setcookie() runs successfully, it will return TRUE. This does not indicate whether the user accepts cookies.

parameter:
name:
The name of the cookie, accessed through $_COOKIE[‘name’].
value:
 Cookie value
expire:
 The time when the cookie expires. This is a Unix timestamp in seconds. You can set it using the time() function plus the number of seconds you want it to expire before. Or you can use mktime(). If set to 0 or omitted, the cookie will expire at the end of the session (when the browser is closed), default is 0.
path:
(valid path) If the path is set to '/' then the entire website will be valid, if set to '/foo/' the cookie will only be in the /foo/ directory and all subdirectories like /foo/bar/ of Available domains.
domain:
(The domain where the cookie is available) By default, it is valid for the entire domain name. To make the cookie available for the entire domain (including all its subdomains), just set the value to the domain name (in this case, 'example.com').
secure：
 Indicates that this cookie can only be transmitted over the client's secure HTTPS connection. When set to TRUE, the cookie will only be set if a secure connection exists. On the server side, programmers can only send this kind of cookie on a secure connection (eg: relative to

value, time()+3600, “path/”, “baidu.com”); //Set the path and domain

3>Cookie deletion and expiration time
There is no function to delete cookies specified in PHP. Instead, by setting the expiration time of the cookie to before the current time, the cookie will automatically expire. Thereby deleting the cookie.

4> Determine whether the cookie is empty
isset()
Meaning: Determine whether a cookie exists.
Syntax: isset (corresponding cookie attribute);
Return value: true/false

setcookie("name","SYN");if( isset( $_COOKIE["name"])){    echo  $_COOKIE["name"];
}else{    echo "不存在";
}

Similarities and differences between Session and cookie

cookie:
1. Storing data on the client and establishing a connection between the user and the server can usually solve many problems, but cookies still have some limitations:
2. Cookies are relatively not very secure and can easily be stolen, leading to cookie fraud
3. The value of a single cookie can only store a maximum of 4k
4. Each request requires network transmission, occupying bandwidth

session:
1. Store the user's session data on the server, with no size limit,
2. User identification is performed through a session_id. By default in PHP, the session id is saved through cookies.

//开始使用sessionsession_start();//设置一个session$_SESSION['test'] = time();//显示当前的session_idecho "session_id:".session_id();echo "<br>";//读取session值echo $_SESSION['test'];//销毁一个sessionunset($_SESSION['test']);echo "<br>";
var_dump($_SESSION);

2. Session

1>session usage

First execute the session_start method to open the session, and then read and write the session through the global variable $_SESSION. By default, sessions are stored on the server in the form of files. Therefore, when a session is opened on a page, the session file will be exclusively occupied, which will cause other concurrent accesses of the current user to be unable to execute and wait. This problem can be solved by using cache or database storage.
The session will automatically encode and decode the value to be set, so the session can support any data type, including data and objects.

session_start();$_SESSION['ary'] = array('name' => 'jobs');$_SESSION['obj'] = new stdClass();
var_dump($_SESSION);

2>Delete and destroy session

unset()
In PHP, use the unset function to delete a session value. After deletion, it will be removed from the global variable $_SESSION and cannot be accessed.

session_start();$_SESSION['name'] = 'jobs';unset($_SESSION['name']);echo $_SESSION['name']; //提示name不存在

session_destroy()
The session_destroy function will delete all data, but the session_id still exists.

session_start();$_SESSION['name'] = 'jobs';$_SESSION['time'] = time();
session_destroy();

Special Note:
session_destroy() will not immediately destroy the global variable

_SESSION until it is empty, so if you need to destroy $_SESSION immediately, you can use unset().

3>Use session to store user login information

登录信息既可以存储在sessioin中，也可以存储在cookie中，他们之间的差别在于session可以方便的存取多种数据类型，而cookie只支持字符串类型，同时对于一些安全性比较高的数据，cookie需要进行格式化与加密存储，而session存储在服务端则安全性较高。

<?phpsession_start();//假设用户登录成功获得了以下用户数据$userinfo = array(    &#39;uid&#39;  => 1011,    'name' => 'spark',    'email' => '1637167XX@qq.com',    'sex'  => 'F');
header("content-type:text/html; charset=utf-8");/* 将用户信息保存到session中 */$_SESSION['uid'] = $userinfo['uid'];$_SESSION['name'] = $userinfo['name'];$_SESSION['userinfo'] = $userinfo;//* 将用户数据保存到cookie中的一个简单方法 */$str =serialize($userinfo); //将用户信息序列化setcookie('userinfo', $str);

了解更多关于序列化serialize;

相关推荐：

php用户登录代码session、cookie自动记忆功能

cookie 和session 的定义和区别

php session会话如何写入redis

The above is the detailed content of PHP session control session and cookie introduction. For more information, please follow other related articles on the PHP Chinese website!