欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  php教程

[PHP]会话存储方式详解

程序员文章站 2022-05-30 10:50:06
...
首先确认会话是否自动开启还是需要通过session_start()来手动开启:

; 指定会话模块是否在请求开始时自动启动一个会话。默认为 0(不启动)

; Initialize session on request startup.

; http://php.net/session.auto-start

session.auto_start = 0

客户端存储

在客户端,会话可以存储在cookie或者通过URL参数来获取。依赖于服务器的配置:

; 指定是否在客户端用 cookie 来存放会话 ID。默认为 1(启用)

; Whether to use cookies.

; http://php.net/session.use-cookies

session.use_cookies = 1

; 指定是否在客户端仅仅使用 cookie 来存放会话 ID。。启用此设定可以防止有关通过 URL 传递会话 ID 的攻击。

; This option forces PHP to fetch and use a cookie for storing and maintaining

; the session id. We encourage this operation as it's very helpful in combatting

; session hijacking when not specifying and managing your own session id. It is

; not the end all be all of session hijacking defense, but it's a good start.

; http://php.net/session.use-only-cookies

session.use_only_cookies = 1

如果确认存储在cookie中,则可以进一点配置会话存储在cookie中的各项配置,如cookie_name,cookie_lifetime,cookie_path,cookie_domain,cookie_secure,cookie_httponly

; Name of the session (used as cookie name).

; http://php.net/session.name

session.name = PHPSESSID

; Lifetime in seconds of cookie or, if 0, until browser is restarted.

; http://php.net/session.cookie-lifetime

session.cookie_lifetime = 0

; The path for which the cookie is valid.

; http://php.net/session.cookie-path

session.cookie_path = /

; The domain for which the cookie is valid.

; http://php.net/session.cookie-domain

session.cookie_domain =

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.

; http://php.net/session.cookie-httponly

session.cookie_httponly =

服务器端存储

在服务器端,同样也可以通过多种方式来存储会话。默认会话存储在文件中,此时session.save_path为创建存储文件的路径。

; Handler used to store/retrieve data.

; http://php.net/session.save-handler

session.save_handler = files

; Argument passed to save_handler. In the case of files, this is the path

; where data files are stored. Note: Windows users have to change this

; variable in order to use PHP's session functions.

;

; The path can be defined as:

;

; session.save_path = "N;/path"

;

; where N is an integer. Instead of storing all the session files in

; /path, what this will do is use subdirectories N-levels deep, and

; store the session data in those directories. This is useful if you

; or your OS have problems with lots of files in one directory, and is

; a more efficient layout for servers that handle lots of sessions.

;

; NOTE 1: PHP will not create this directory structure automatically.

; You can use the script in the ext/session dir for that purpose.

; NOTE 2: See the section on garbage collection below if you choose to

; use subdirectories for session storage

;

; The file storage module creates files using mode 600 by default.

; You can change that by using

;

; session.save_path = "N;MODE;/path"

;

; where MODE is the octal representation of the mode. Note that this

; does not overwrite the process's umask.

; http://php.net/session.save-path

;session.save_path = "/tmp"

PHP支持通过session_set_save_handler来实现会话处理器的自定义open, close, read, write, destroy, gc处理函数,常见的会话处理器包括使用内存型分配(如mm,memcache等),也可以使用数据库进行存储。由此可见,若需要会话存储与文件系统(例如用数据库PostgreSQL Session Save Handler或默认的文件存储files)协同工作的,此时有可能造成用户定制的会话处理器丢失了未存储数据的会话。若使用内存型分配存储,又需要考虑会话持久化存储问题。

接下来重点讲解memcache(d?)会话处理器。

Memcache模块提供了于memcached方便的面向过程及面向对象的接口,memcached是为了降低动态web应用 从数据库加载数据而产生的一种常驻进程缓存产品。

Memcache模块同时提供了一个session 处理器 (memcache).

更多关于memcached的信息请参见» http://www.memcached.org/.

memcached是一个高性能分布式的内存对象缓存系统, 通常被用于降低数据库加载压力以提高动态web应用的响应速度。

此扩展使用了libmemcached库提供的api与memcached服务端进行交互。它同样提供了一个session处理器(memcached)。 它同时提供了一个session处理器(memcached)。

关于libmemcached的更多信息可以在» http://libmemcached.org/libMemcached.html查看。

memcache会话处理器配置:

session.save_handler = memcache

session.save_path = "tcp://127.0.0.1:11211?persistent=0&weight=1&timeout=1&retry_interval=15,tcp://127.0.0.1:11212?persistent=0&weight=1&timeout=1&retry_interval=15,tcp://127.0.0.1:11213?persistent=0&weight=1&timeout=1&retry_interval=15,tcp://127.0.0.1:11214?persistent=0&weight=1&timeout=1&retry_interval=15"