The previous article introduced to you "Why does PHP have security issues? What are the essence and three elements of safety issues?》, this article continues to introduce to you what cookie.session is? What is the difference between them? Let’s study together! ! !
What are cookies and sessions?
Cookie: a cookie stored on the user side- A small piece of text, a technique used by the server to identify the user.
session: Based on cookies, but the data is not stored on the client, but on the server. The client only stores an id, also called session id. The server can use this session .id to find the user's information.
We understand that the http protocol is a stateless protocol. When we browse the website, how does the backend know the client's information? Therefore, we can use the above two methods (cookie, session)
What is the difference between cookie and session?
Specifically, the cookie mechanism uses a solution that maintains state on the client side, while the session mechanism uses a solution that maintains state on the server side. At the same time, we also see that due to the use of server-side persistence The state solution also needs to save an identity on the client, so the session mechanism may need to use the cookie mechanism to achieve the purpose of saving the identity, but in fact it has other options.
Cookie mechanism. The orthodox cookie distribution is through extension Implemented by the HTTP protocol, the server adds a special line of instructions to the HTTP response header to prompt the browser to generate the corresponding cookie according to the instructions. However, pure client-side scripts such as JavaScript or VBScript can also generate cookies. The use of cookies It is automatically sent to the server in the background by the browser according to certain principles. The browser checks all stored cookies. If the declared scope of a cookie is greater than or equal to the location of the resource to be requested, the cookie is attached to the request. The HTTP request header of the resource is sent to the server.
The content of the cookie mainly includes: name, value, expiration time, path and domain. The path and domain together constitute the scope of the cookie. If the expiration time is not set, it means that this cookie The cookie's lifetime is during the browser session. When the browser window is closed, the cookie disappears. This type of cookie whose lifetime is during the browser session is called a session cookie. Session cookies are generally not stored on the hard disk but in memory. Of course, this behavior is not stipulated in the specification. If the expiration time is set, the browser will save the cookies to the hard disk. After closing and opening the browser again, these cookies will still be valid until the set expiration time is exceeded. Stored on the hard disk Cookies can be shared between different browser processes, such as two IE windows. For cookies stored in memory, different browsers have different processing methods
(cookie) specific code For example:
Code explanation:
First set a cookie function, you can use the setcookie function, how to set it after we set the cookie function take out? As can be seen from the code, we can use $_cookie[], but when we execute this code, the result shows that there is no such title (the code result is shown below). When we comment out setcookie, the execution code shows that we entered The result, (as shown below),
(session) code:
1, 'name'=>'张三' , ' age'=>18); echo '' ; print_r($_SESSION[ 'user']); ?>Copy after login
The code results are as follows:
Recommended learning: "PHP Video Tutorial"
The above is the detailed content of What is cookie.session? What is the difference between them? (detailed introduction). For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
