Shulou(Shulou.com)06/03 Report--

This article mainly explains "the generation mechanism, recovery mechanism and storage mechanism of Session in php". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Next, let the editor take you to learn "the generation mechanism, recycling mechanism and storage mechanism of Session in php".

1. The generation mechanism of session in php

Let's first analyze how a session is generated in PHP. Session is designed to maintain the various states of each user to make up for the shortcomings of the HTTP protocol (stateless). We now have a question, we all know that session is stored on the server, since it is used to maintain the state of each user, what does it use to distinguish users? At this point, we have to rely on cookie. When we call session_start (); in the code, PHP generates a file to both the SESSION's storage directory (default is / tmp/) and the client's cookie directory. The session file name looks like this:

The format is sess_ {SESSIONID}, when there is nothing in the session file, when we add these two lines of code in session_start ();:

The copy code is as follows:

$_ SESSION ['name'] =' wanchun0222'

$_ SESSION ['blog'] =' coderbolg.net'

At this point, the document has content:

The copy code is as follows:

Name | name 11: "wanchun0222"; blog | Spur13: "coderbolg.net"

Then take a look at cookie:

You can see that the server automatically generates a cookie,cookie named "PHPSESSID" for us, and the cookie content is a string of characters, which is actually {SESSIONID}. As you may have understood, when we use session, PHP will be a unique SESSIONID number (such as 2bd170b3f86523f1b1b60b55ffde0f66), and then generate a file named sess_ {SESSIONID} in the default directory of our server, and at the same time generate a cookie in the client of the current user, the content has been said. In this way, PHP generates a SESSIONID for each user, that is, a session file for each user. PHP writes cookie to the client the first time it uses session for a user. When the user visits it later, the browser will take the cookie,PHP to read out the SESSIONID after getting the cookie, and then take the SESSIONID to the session directory to find the session file. When found, it is displayed when you call $_ SESSION ['blog'].

2. The expired recovery mechanism of session in php.

We understand how session is generated and how it works, and we find that there are many session files in the session directory. Of course, these files must not exist forever, and PHP must provide an expired recycling mechanism. In php.ini, session.gc_maxlifetime sets the time to live for session (the default is 1440s). If the last update time of the session file exceeds the lifetime by now, the session file is considered to be out of date. It will be deleted the next time session is recycled. So when is the next session recycling? This is related to the number of php requests. In the PHP internal mechanism, the recycling mechanism will be triggered once after the php has been requested N times. How many requests are triggered each time is controlled by the following two parameters:

The copy code is as follows:

Session.gc_probability = 1

Session.gc_divisor = 100

This is the default setting for php.ini, which means that every 100 PHP requests will be recycled. The probability is gc_probability/gc_divisor. Let's take a look at the server-side session expiration mechanism, and then look at the client-side cookie expiration mechanism.

If the cookie fails, the browser will not be able to send cookie to the server, even if the server's session file exists, because the PHP does not know which session file to read. We know that the cookie expiration time of PHP is set at creation time, so how long is the life cycle of the cookie that PHP creates for the client while creating the session? This is set in php.ini: session.cookie_lifetime. This value defaults to 0, which means that as soon as the browser closes SESSIONID, it becomes invalid. That means we can control the failure time of session by setting session.gc_maxlifetime and session.cookie_lifetime to the same value.

3. Client-side storage mechanism of session in php

As we can see from the above introduction, if the user turns off cookie, then our session will not work at all. Yes, it is. Is cookie the only client-side storage mechanism for session in php? No. Since our SESSIONID cannot be passed to each page through cookie, we have another magic weapon, which is to pass the value through the page GET.

PHP can automatically pass SESSIONID across pages in GET mode when cookie is disabled, provided that the session.use_trans_sid of php.ini is set to 1. At this point, we use session when we disable cookie on the client side, and when the current page clicks a link to another page, PHP automatically adds the SESSIONID parameter to the link.

At this point, I believe you have a deeper understanding of "the generation mechanism, recycling mechanism and storage mechanism of Session in php". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.