Home > Backend Development > PHP Tutorial > How to create Session in Php

How to create Session in Php

墨辰丷
Release: 2023-03-30 12:00:02
Original
6163 people have browsed it

This article mainly introduces how to create Session in Php. Interested friends can refer to it. I hope it will be helpful to everyone.

Related topic recommendations: php session (including pictures, videos, and practical cases)

Start the session session and create a $admin variable :

// 启动 session session_start(); 
// 声明一个名为 admin 的变量,并赋空值。 
$_session["admin"] = null; 
?>  
Copy after login

If you use Session, or the PHP file wants to call the Session variable, you must start it before calling the Session, using the session_start() function. You don’t need to set anything else, PHP automatically creates the session file.

After executing this program, we can find the session file in the system temporary folder. Generally, the file name is in the form: sess_4c83638b3b0dbf65583181c2f89168ec, followed by a 32-bit encoded random string. Open it with an editor and take a look at its contents:

admin|N;
Copy after login

General content structure:

Variable name | Type: length: value;

And separate each variable with a semicolon. Some can be omitted, such as length and type.

Let's take a look at the verification program. Assume that the database stores the user name and md5 encrypted password:

// 表单提交后...   
$posts = $_POST; 
// 清除一些空白符号 
foreach ($posts as $key => $value) 
{ 
$posts[$key] = trim($value); 
} 
$password = md5($posts["password"]); 
$username = $posts["username"]; 
$query = "SELECT `username` FROM `user` WHERE `password` = '$password'"; 
// 取得查询结果 
$userInfo = $DB->getRow($query); 
if (!emptyempty($userInfo)) 
{ 
if ($userInfo["username"] == $username) 
{ 
// 当验证通过后,启动 session 
session_start(); 
// 注册登陆成功的 admin 变量,并赋值 true 
$_SESSION["admin"] = true; 
} 
else 
{ 
die("用户名密码错误"); 
} 
} 
else 
{ 
die("用户名密码错误"); 
}
Copy after login

We start the session on the page that requires user verification to determine whether to log in:

// 防止全局变量造成安全隐患 
$admin = false; 
// 启动会话,这步必不可少 
session_start(); 
// 判断是否登陆 
if (isset($_SESSION["admin"]) && $_SESSION["admin"] == true) 
{ 
echo "您已经成功登陆"; 
} 
else 
{ 
// 验证失败,将 $_session["admin"] 置为 false 
$_SESSION["admin"] = false; 
die("您无权访问"); 
} 
?>
Copy after login

Isn’t it very simple? Just think of $_session as an array stored on the server side. Each variable we register is the key of the array, which is no different from using an array.

What should I do if I want to log out of the system? Just destroy the session.

<?php 
session_start(); 
// 这种方法是将原来注册的某个变量销毁 
unset($_SESSION["admin"]); 
// 这种方法是销毁整个 session 文件 
session_destroy(); 
?>
Copy after login

Can Session set the life cycle like Cookie? With Session, will Cookie be abandoned completely? I would say that it is most convenient to use Session in conjunction with Cookie.

How does Session determine the client user? It is determined by Session ID. What is Session ID is the file name of the Session file. Session ID is randomly generated, so it can be guaranteed to be unique. sex and randomness to ensure the security of Session. Generally, if the Session life cycle is not set, the Session ID is stored in the memory. After closing the browser, the ID is automatically logged out. After re-requesting the page, a new session ID is registered.

If the client does not disable cookies, the cookie plays the role of storing the Session ID and session lifetime when starting the Session session. Let's manually set the lifetime of the session:

session_start(); 
// 保存一天 
$lifeTime = 24 * 3600; 
setcookie(session_name(), session_id(), time() + $lifeTime, "/"); 
?>  
Copy after login

In fact, Session also provides a function session_set_cookie_params(); to set the lifetime of the Session. This function must be called before the session_start() function is called:

// 保存一天 
<?php 
$lifeTime = 24 * 3600; 
session_set_cookie_params($lifeTime); 
session_start(); 
$_session["admin"] = true; 
?>  
Copy after login

If the client uses IE 6.0, the session_set_cookie_params(); function will have some problems setting cookies, so we still call the setcookie function manually to create cookies.

What if the client disables cookies? There is no way, the entire life cycle is the browser process. As long as you close the browser and request the page again, you have to re-register the Session. So how to pass the Session ID? Pass it through the URL or through a hidden form. PHP will automatically send the session ID to the URL. The URL is in the form: http://www.openphp .cn /index.php?PHPSESSID=bba5b2a240a77e5b44cfa01d49cf9669, where The parameter PHPSESSID in the URL is the Session ID. We can use $_GET to obtain the value, thereby transferring the session ID between pages.

// 保存一天 
<?php 
$lifeTime = 24 * 3600; 
// 取得当前 session 名,默认为 PHPSESSID 
$sessionName = session_name(); 
// 取得 session ID $sessionID = $_GET[$sessionName]; 
// 使用 session_id() 设置获得的 session ID 
session_id($sessionID); 
session_set_cookie_params($lifeTime); 
session_start(); 
$_session["admin"] = true; 
?>
Copy after login

For virtual hosts, if all users’ Sessions are saved in the system temporary folder, it will cause difficulty in maintenance and reduce security. We can manually set the saving path of the Session file, session_save_path () provides such a function. We can point the session storage directory to a folder that cannot be accessed through the Web. Of course, the folder must have read-write attributes.

<?php 
// 设置一个存放目录 
$savePath = "./session_save_dir/"; 
// 保存一天 
$lifeTime = 24 * 3600; 
session_save_path($savePath); session_set_cookie_params($lifeTime); 
session_start(); 
$_session["admin"] = true; 
?>  
Copy after login

Same as the session_set_cookie_params(); function, the session_save_path() function must also be called before the session_start() function is called. We can also store arrays and objects in session. There is no difference between operating an array and operating a general variable. When saving an object, PHP will automatically serialize the object (also called serialization) and then save it in the session. The following example illustrates this point:

<?php 
class person 
{ 
var $age; 
function output() 
{ 
echo $this->age; 
} 
function setAge($age) { 
$this->age = $age; 
} 
} 
?> 
setage.PHP 
<?php 
session_start(); 
require_once "person.PHP"; 
$person = new person(); 
$person->setAge(21); 
$_session[&#39;person&#39;] = $person; 
echo "check here to output age"; 
?> 
output.PHP 
<?php 
// 设置回调函数,确保重新构建对象。 
ini_set(&#39;unserialize_callback_func&#39;, &#39;mycallback&#39;); 
function mycallback($classname) { 
$classname . ".PHP"; 
} 
session_start(); 
$person = $_session["person"]; 
// 输出 21 
$person->output(); 
?>
Copy after login

Summary: The above is the entire content of this article, I hope it will be helpful to everyone's learning.

Related recommendations:

PHP method to obtain remote image size and size

php double-layer loop implementation Ninety-Nine Multiplication Table

php calls the express bird interface

The above is the detailed content of How to create Session in Php. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template