1>Cookie introduction
Cookie is data stored in the client browser. User data can be tracked and stored through Cookie. Generally, cookies are returned from the server to the client through HTTP headers. Most web programs support the operation of cookies because cookies exist in HTTP headers.
_COOKIE[‘key’] to read a cookie value.
In PHP, the cookie is set through the setcookie function. For any cookie sent back from the browser, PHP will automatically store it in the form of
When using a session, a cookie is usually used to store the session ID to identify the user. The cookie has a validity period. When the validity period expires, the cookie will be automatically deleted from the client.
2>Set cookie
setcookie()
Meaning: Used to set cookies. There are 7 parameters in the setcookie() function (only 5 commonly used parameters).
Syntax: setcookie(name,value,expire,path,domain,secure,httponly)
Return value: If there is output before calling this function, setcookie() will fail and return FALSE. If setcookie() runs successfully, it will return TRUE. This does not indicate whether the user accepts cookies.
parameter:
value, time()+3600, “path/”, “baidu.com”); //Set the path and domain
name:
The name of the cookie, accessed through $_COOKIE[‘name’].
value:
Cookie value
expire:
The time when the cookie expires. This is a Unix timestamp in seconds. You can set it using the time() function plus the number of seconds you want it to expire before. Or you can use mktime(). If set to 0 or omitted, the cookie will expire at the end of the session (when the browser is closed), default is 0.
path:
(valid path) If the path is set to '/' then the entire website will be valid, if set to '/foo/' the cookie will only be in the /foo/ directory and all subdirectories like /foo/bar/ of Available domains.
domain:
(The domain where the cookie is available) By default, it is valid for the entire domain name. To make the cookie available for the entire domain (including all its subdomains), just set the value to the domain name (in this case, 'example.com').
secure:
Indicates that this cookie can only be transmitted over the client's secure HTTPS connection. When set to TRUE, the cookie will only be set if a secure connection exists. On the server side, programmers can only send this kind of cookie on a secure connection (eg: relative to
3>Cookie deletion and expiration time
There is no function to delete cookies specified in PHP. Instead, by setting the expiration time of the cookie to before the current time, the cookie will automatically expire. Thereby deleting the cookie.
4> Determine whether the cookie is empty
isset()
Meaning: Determine whether a cookie exists.
Syntax: isset (corresponding cookie attribute);
Return value: true/false
setcookie("name","SYN");if( isset( $_COOKIE["name"])){ echo $_COOKIE["name"]; }else{ echo "不存在"; }
cookie:
1. Storing data on the client and establishing a connection between the user and the server can usually solve many problems, but cookies still have some limitations:
2. Cookies are relatively not very secure and can easily be stolen, leading to cookie fraud
3. The value of a single cookie can only store a maximum of 4k
4. Each request requires network transmission, occupying bandwidthsession:
1. Store the user's session data on the server, with no size limit,
2. User identification is performed through a session_id. By default in PHP, the session id is saved through cookies.
//开始使用sessionsession_start();//设置一个session$_SESSION['test'] = time();//显示当前的session_idecho "session_id:".session_id();echo "<br>";//读取session值echo $_SESSION['test'];//销毁一个sessionunset($_SESSION['test']);echo "<br>"; var_dump($_SESSION);
1>session usage
First execute the session_start method to open the session, and then read and write the session through the global variable $_SESSION. By default, sessions are stored on the server in the form of files. Therefore, when a session is opened on a page, the session file will be exclusively occupied, which will cause other concurrent accesses of the current user to be unable to execute and wait. This problem can be solved by using cache or database storage.
The session will automatically encode and decode the value to be set, so the session can support any data type, including data and objects.
session_start();$_SESSION['ary'] = array('name' => 'jobs');$_SESSION['obj'] = new stdClass(); var_dump($_SESSION);
2>Delete and destroy session
unset()
In PHP, use the unset function to delete a session value. After deletion, it will be removed from the global variable $_SESSION and cannot be accessed.
session_start();$_SESSION['name'] = 'jobs';unset($_SESSION['name']);echo $_SESSION['name']; //提示name不存在
session_destroy()
The session_destroy function will delete all data, but the session_id still exists.
session_start();$_SESSION['name'] = 'jobs';$_SESSION['time'] = time(); session_destroy();
Special Note:
_SESSION until it is empty, so if you need to destroy $_SESSION immediately, you can use unset().
session_destroy() will not immediately destroy the global variable
3>Use session to store user login information
登录信息既可以存储在sessioin中,也可以存储在cookie中,他们之间的差别在于session可以方便的存取多种数据类型,而cookie只支持字符串类型,同时对于一些安全性比较高的数据,cookie需要进行格式化与加密存储,而session存储在服务端则安全性较高。
<?phpsession_start();//假设用户登录成功获得了以下用户数据$userinfo = array( 'uid' => 1011, 'name' => 'spark', 'email' => '1637167XX@qq.com', 'sex' => 'F'); header("content-type:text/html; charset=utf-8");/* 将用户信息保存到session中 */$_SESSION['uid'] = $userinfo['uid'];$_SESSION['name'] = $userinfo['name'];$_SESSION['userinfo'] = $userinfo;//* 将用户数据保存到cookie中的一个简单方法 */$str =serialize($userinfo); //将用户信息序列化setcookie('userinfo', $str);
了解更多关于序列化serialize;
相关推荐:
The above is the detailed content of PHP session control session and cookie introduction. For more information, please follow other related articles on the PHP Chinese website!