PHP implements session code for sharing and login authentication through session id
- 2020-05-17 05:00:02
- OfStack
First, let's talk about the purpose of this mechanism. So far, the field knows that this mechanism has two purposes:
First of all, the problem of multiple servers sharing session, which you should all understand, is that when the number of users of a website is too large, a server cluster will be used, for example, there is only one server for login. By the user logged in, login server session login server to save the user's login information, and other access server, not the session server, for example, then we will through a session only 1 logo for sharing this session - specific session sharing is beyond the scope of this article, please make your own data access.
The second use is to validate different sessions with user 1, which is a little harder to understand. Let me put it this way, a user is not through the browser to request connection, but through socket or other ways to request the data, we first need to give him the user login validation, authentication is successful, it issued a sessionid to him, then he will carry the sessionid every request, we through this sessionid to determine whether session already exists, we consider if there is a user login already...
For the first problem, we can save sessionid in the database and implement it. This method is relatively safe and widely used, but it is not the scope of our discussion
The second problem, which is actually pretty easy, is code 1
1 sessionid is generated in the first verification;
The client takes the variable sessionid to request data
At this point, session is already session for login verification.
Note: session_start() is automatically enabled in sessionServer.php if thinkphp is used; The session_destory() function must be called to clear session.
First of all, the problem of multiple servers sharing session, which you should all understand, is that when the number of users of a website is too large, a server cluster will be used, for example, there is only one server for login. By the user logged in, login server session login server to save the user's login information, and other access server, not the session server, for example, then we will through a session only 1 logo for sharing this session - specific session sharing is beyond the scope of this article, please make your own data access.
The second use is to validate different sessions with user 1, which is a little harder to understand. Let me put it this way, a user is not through the browser to request connection, but through socket or other ways to request the data, we first need to give him the user login validation, authentication is successful, it issued a sessionid to him, then he will carry the sessionid every request, we through this sessionid to determine whether session already exists, we consider if there is a user login already...
For the first problem, we can save sessionid in the database and implement it. This method is relatively safe and widely used, but it is not the scope of our discussion
The second problem, which is actually pretty easy, is code 1
1 sessionid is generated in the first verification;
<?php
Session_start();
$sessionId = session_id();// get sessionid
// will session Send it to the client
.........
?>
The client takes the variable sessionid to request data
<?php
Session_id( ' $sessionid');// Notice at this point session_id() This function takes arguments
Session_start();// This function has to be in session_id() after
?>
At this point, session is already session for login verification.
Note: session_start() is automatically enabled in sessionServer.php if thinkphp is used; The session_destory() function must be called to clear session.