An in depth understanding of Session and Cookie in PHP

  • 2020-06-19 09:51:57
  • OfStack

When setting cookie on a page, you must refresh or go to the next page to get the value of the variable with $_COOKIE.
Because when first by the browser to access into the page, the page cookie will be set and send it to store the client the specified storage location, so $_COOKIE didn't receive the client to send over the value of the variable cookie, when refresh or to a page, the client will be before the page program running on the server side, sent to the address that corresponds to the cookie to the server, so $_COOKIE can get the value of the! Basically, when every page is visited, if the client finds an cookie corresponding to the address, it will send this cookie to the server before the program is run on the server side.
My ability to express is not strong, if there is unclear, please apologize!

When setting the cookie array in php, you cannot add data like in php:

<?php
setcookie('my_cookie[]', 1);
setcookie('my_cookie[]', 2);
print_r($_COOKIE);    // Array ( [my_cookie] => Array ( [0] => 1 )) 
                      //  Array value added was added successfully , But the index hasn't changed , The latter data overrides the former !
 The resulting 
       my_cookie[], The default is to point to the control of the data 1 Position of element , The index for 
0  The location of the .  Pay attention to and php Not in the 1 sample !  After use cookie Remember to specify the index of the array elements !

$my_cookie[] = 1;
$my_cookie[] = 2;
print_r($my_cookie); //Array ( [0] => 1 [1] => 2) 
?>

Two ways to delete the cookie variable:
1.php

<?php
setcookie('user_name_1', 'zhaofei299', time()+3600); //  Survival period for  1  hours 
setcookie('user_name_2', 'ZHAOFEI299', time()+3600); //  Survival period for  1  hours 
?>

2.php

<?php
setcookie('user_name_1');                //  The first 1 Kind of                 
setcookie('user_name_2', "", time()-1); //  The first 2 Kind of 
print_r($_COOKIE);                       //  Refresh the page 2 Below above will output  Array ( [user_name_1] => )

/* Why super global variables  $_COOKIE  In the  user_name_1  Not deleted ( Just because a variable is empty doesn't mean it doesn't exist ), while 
user_name_2 Been deleted ?  That's because the two variables are deleted in different ways !
 The first 1 Kind of :  Is to set up the  cookie  The lifetime of ,  It simply sets its value to null by default , The lifetime is with the browser 1 sample , The browser 
 closed ,cookie Will be deleted ! So when I reopen it 1 A browser , Output address , Can find  cookie  The variables have all been deleted !
 will 2.php  In the two  setcookie()  Comment out the functions ( The address was reprinted )!
 The first 2 Kind of :  It's also set up  cookie  The lifetime of , Is to make  cookie  The lifetime of 1 Set date , cookie  It gets deleted , So the brush 
 The new page , The client sends to the server  cookie  when , $_COOKIE  I didn't get it cookie The value of the variable !
*/
?>

Session id is stored in client Cookie by default!

<?php
session_start(); 
print_r($_COOKIE); 
?>

There are two ways to set up cookie
header('set-cookie:user=zhaofei299');
setcookie('user', 'zhaofei299');
Session variables cannot be overloaded by GET data or POST data!
Use session variables to pass arrays without serializing objects!
When passing an object using the session variable, the definition of the class object must be included and deserialized before calling session_start()
The same is true!
Deleting a single session variable can be done using unset($_SESSION['***']) directly!
You cannot use unset($_SESSION) to delete all session variables, as this will delete all session information, including those stored in COOKIE
$_SESSION = array(); $_SESSION = array();
Eliminate session id to lose contact between pages!
session_destroy();
Program Listing 1.1

<?php
session_start();
header('content-type:text/html;charset=utf-8');
$_SESSION['a'] = 'a';
$_SESSION['b'] = 'b';
unset($_SESSION);        // After the test , Let me comment that out a little bit 
$_SESSION['user'] = 'zhaofei299';
echo 'SESSION_ID: '.session_id().'<br />';
echo '<a href="3.php" target="_blank"> Under test </a>';
?>


<?php
session_start();
echo $_SESSION['user'];
echo session_id();         // The session variable has changed 
?>

Two ways of passing session id(session_id) :
1.cookie
2.url
Because the default session is based on cookie, and cookie is sent following the http protocol, it is the same as cookie1
session_start() cannot have any output before!
Now mainly say 1 say 2, pass session id via url
The constant SID has been defined in php to get id for the session
Use of sesssin_id!

<?php
session_start();
echo defined('SID')?'true':'false'; // true
echo SID; // Nothing at all ? 
?>

Why would SID be null? What's wrong with it?
The reason is that session defaults to cookie, while SID only has session_id through url
Values are assigned when data is passed!
Disable cookie in your browser and you will see that SID has output instead of null!
Delete session
It takes 3 steps to implement.

<?php
session_destroy();                         //  The first 1 step :  Delete server side session file , This use  
setcookie(session_name(),'',time()-3600); //  The first 2 step :  Delete the actual session: 
$_SESSION = array();                       //  The first 3 step :  delete $_SESSION Array of global variables 
?>

You all know that the session variable is stored on the server side, which means that the session variable is stored in a directory on the server
You can find the address saved in the session file at ES125en.save_ES127en in ES123en.ini.

The default session lifetime is that browsing ends when closed, but know that session expiration ends when opening the page session_start()
Determine if session id exists, create one if it doesn't, or load the session id variable onto the page! Because the expiration session_id will
A new one is created, but the session file saved on the server side is not deleted (close the browser and open the session file to save
To do this, use the session_destory() function to clear the session id, along with the corresponding session file
Complete cleanup!

When session_id USES url to pass session variable data, because session_start() determines whether session id is saved when it opens the session
In, create 1 if none exists, otherwise load the session id variable onto the page!

Now, url is used to pass session_id, but every refresh/entry to the page generates a session id, so between pages
If you can't get the variable session_id that you set on the other page, then there's no point in using session!

Solution: Before session_start(), manually set the session_id of the page so that the page's will get what was set on the previous page
session variable, also achieved the session of passing, the following code can be explained!
// cookie is disabled
1.php

<?php
session_start();
$_SESSION['user'] = 'zhaofei299';
echo '<a href="2.php?'.SID.'"> Under the 1 page </a>'; 
?>

1.php line 4 can also be written as echo ' < a href="2.php" > Under 1 page < /a > ';
You can set session. use_trans_sid in ES193en. ini to 1 so that when url is used to pass session id,
The browser automatically appends session_id to url!
As if in a browser input: www baidu. com 1 sample, the browser will automatically to change it into http: / / www baidu. com /

2.php

<?php
session_id($_GET['PHPSESSID']);   //  manually session_id, This kind can be used before 1 A page 
session_id  The variable , The session is implemented !
session_start(); 
print_r($_SESSION);
?>

Common session functions:

<?php
setcookie('user_name_1', 'zhaofei299', time()+3600); //  Survival period for  1  hours 
setcookie('user_name_2', 'ZHAOFEI299', time()+3600); //  Survival period for  1  hours 
?>
0

Related articles: