How session works

Recommended tutorial: PHP Tutorial

Session working principle

　1. Create Session

When When a user accesses a server, if the server enables Session, the server will create a SESSION for the user. When creating this SESSION, the server first checks whether the request sent by the user contains a SESSION ID. If it contains a SESSION The ID indicates that the user has logged in before and created a SESSION for this user. Then the server will search the SESSION in the server's memory according to the SESSION ID. If the client request does not contain the SESSION ID, it will be for this client. The client creates a SESSION and generates a SESSION ID related to this SESSION. This SESSION ID is a unique, non-repeating, and difficult-to-find regular string. This SESSION ID will be returned to the client for storage in this response, and it is COOKIE that saves this SESSION ID, so that during the interaction The browser can automatically send this identifier to the server according to rules.

　2. Use Session

We know that in IE, we can set Cookie in the Internet option of the tool. If disabled, will it happen that the client's cookies are disabled and the SESSIONID can no longer be used? I found some information indicating that there can be other mechanisms that can still pass the Session id back to the server when COOKIE is disabled.

A frequently used technology is called URL rewriting, which is to directly append the Session id to the end of the URL path as additional information for the URL path, in the form of:

　http://…. /xxx;jSession=ByOK3vjFD75aPnrF7C2HmdnV6QZcEbzWoWiBYEnLerjQ99zWpBng! -145788764;

The other is appended to the URL as a query string, in the form:

## http://…. . /xxx? jSession=ByOK3vjFD75aPnrF7C2HmdnV6QZcEbzWoWiBYEnLerjQ99zWpBng! -145788764

##　 Another type is the form hidden fields. That is, the server will automatically modify the form and add a hidden field so that the Session id can be passed back to the server when the form is submitted.

　

##Session function

The fundamental function of Session is to store some information about user and server sessions on the server side. Typical applications are:

　

1. Determine whether the user is logged in.

　

2. Shopping cart function.

Session instance problem Existing system A, B; Assumption System A is a web system that can run independently, that is, it can handle sessions directly with the browser. System B is based on mobile and needs to call the functional interface of system A.

In the case of changes, that is, when the login verification and session storage remain unchanged, system B can handle the front-end user's request.

The solution provided here is to use PHP to implement

After the user successfully logs in, the session-id of the saved session is returned to system B. , and then system B will bring session_id every time it requests other interfaces.

System A adds session_id (session_id) before session_start;

In this way, system B can safely call A

Related topic recommendations

:

php session (including pictures, texts, videos, cases)

The above is the detailed content of How session works. For more information, please follow other related articles on the PHP Chinese website!