Detailed explanation of session technology Cookie in PHP

In PHP, the maximum life cycle of all data (variables, constants, global variables) is one script cycle (ie: the browser sends a request to the server ---> server Respond to the request and hand the request to PHP for processing---->PHP returns it to the server after processing--->The server returns it to the browser). When the browser requests again, all the previous data will be invalid.

However, for many operations, such as user login operations, after the user successfully logs in, the user can directly manage the backend without entering a password when requesting again. At the same time, if the user fails to log in or is not logged in, he cannot access directly through the background URL. This requires data that can record the user's login status so that it can be used in multiple script cycles. --------This cross-script cycle data storage mechanism is called session technology.

COOKIE session technology---Technology that allows server-side scripts to store data on the browser side

Principle: 1. When responding to a request, the server can send instructions to the browser to manage the cookie data stored on the browser.

2. If the browser has stored cookie data set by a server, it will automatically carry the stored cookie data to the server when making this request.

Use:

1. Set (add, delete, modify and check) cookies in the server:

setcookie(key,value); Set cookie data through key (key)-value (value) pairs

                eg: setcookie ('name', 'Li'); Add cookie data

                                                                                                                                                                                                                                                                             

# SetCookie ('name'); or setcookie ('name', '') or setcookie ('name', 'li', time ()-);

$ _Cookie ['Key']; You can get the cookie data passed by the browser side on the server side, and the value is value.

2. Validity:

In the setcookie() function, except that the first two are name-value settings, the third parameter indicates that it is valid time.

setcookie('name','Li',time()+60); The third parameter is calculated by a timestamp, so time()+60 means it expires 60 seconds after creation .

The default validity period is the end of the session period (the browser is closed), also known as temporary cookies.

<?php
setcookie(&#39;name&#39;,&#39;Li&#39;);

var_dump($_COOKIE['name']);

When the first request is made, the cookie data does not exist, but it does exist in the cookie table on the browser side Cookie data named 'name', so it can be said that the data is stored on the browser side after the response. The expiration time in the result can be seen as "session" when there is no setting.

When writing a script, the same browser request is used:

var_dump($_COOKIE['name'])；//该文件为cookie_2.php

Therefore, the cookie data will be automatically passed to the server when the browser requests it again.

3. Valid paths

By default, cookies are valid in the current path and descendant paths. When the browser makes a request, it will first search for valid cookies in the current directory, then search upwards, and carry all valid cookies to the server.

It can be modified through the fourth parameter of setcookie(); usually set to '/' to indicate that the site is valid in the new directory, that is, the entire site is valid.

4. Valid domain

It refers to the area where cookie data can be applied. The default is: only valid under the current domain name. But it can be set through the fifth parameter;

setcookie('name','Li',0,'qq.com'); This setting indicates that the effective domain can be extended to all its subdomains .

For example: www.qq.com//, where QQ.com is a first -class domain name.

## completely, the sub -domain name under the first -level domain name //wx2.qq.com.

# If there is no fourth parameter on the top, you can only be valid under the first -level domain name, and the sub -domain name is invalid.

This is the cookie data that exists on the IE browser.

We can find that it uses domain to distinguish different accesses, and its path is '/', which means that all site directories are valid, and expires means the expiration time.

5. Whether to only secure transmission (https://.....indicates encrypted http protocol)

By setting the sixth parameter of setcookie() to true, you can Turn on the secure transfer only option. After turning on, the cookie data will be carried to the server only when https://.... is requested. The default false means that secure transmission is not enabled, that is, the cookie data can be obtained by all request methods.

6.HTTPONLY

By setting the seventh parameter of setcookie() to true, you can turn on the HTTPONLY option. This option means that cookie data can only be obtained during http requests. The current cookie data cannot be obtained through scripts such as javascript.

Note: 1. The cookie value only supports string type (numeric type data can be converted to a string before setting).

                                                                                                                    The key of the cookie can be written in the form of an array subscript.

SetCookie ('Student [name]', 'li');

## Setcookie ('Student [Gender]', 'Male');

## There are always two cookies here (whether when storing or requesting), but during the trial, php organized them into an array.

Related recommendations:

Summary of examples of session technology COOKIE and SESSION

PHP Basic Tutorial Seventeenth Session technology COOKIE, SESSION

Examples of cookies for php session technology

The above is the detailed content of Detailed explanation of session technology Cookie in PHP. For more information, please follow other related articles on the PHP Chinese website!