PHP session使ç¨ç»éªæ±æ»
ä»ä¹æ¯session
Session çä¸æè¯åå«åâä¼è¯âï¼å ¶æ¬æ¥çå«ä¹æ¯ææå§æç»çä¸ç³»åå¨ä½/æ¶æ¯ï¼æ¯å¦æçµè¯æ¶ä»æ¿èµ·çµè¯æ¨å·å°ææçµè¯è¿ä¸é´çä¸ç³»åè¿ç¨å¯ä»¥ç§°ä¹ä¸ºä¸ä¸ª sessionãç®å社ä¼ä¸å¯¹ session çç解é常混乱ï¼ææ¶åæ们å¯ä»¥çå°è¿æ ·çè¯âå¨ä¸ä¸ªæµè§å¨ä¼è¯æé´ï¼...âï¼è¿éçä¼è¯æ¯æä»ä¸ä¸ªæµè§å¨çªå£æå¼å°å ³éè¿ä¸ªæé´ï¼ ä¹å¯ä»¥çå°âç¨æ·ï¼å®¢æ·ç«¯ï¼å¨ä¸æ¬¡ä¼è¯æé´âè¿æ ·ä¸å¥è¯ï¼å®å¯è½æç¨æ·çä¸ç³»åå¨ä½ï¼ä¸è¬æ åµä¸æ¯åæä¸ªå ·ä½ç®çç¸å ³çä¸ç³»åå¨ä½ï¼æ¯å¦ä»ç»å½å°éè´ååå°ç»è´¦ç»åºè¿æ ·ä¸ä¸ªç½ä¸è´ç©çè¿ç¨ï¼ç¶èææ¶åä¹å¯è½ä» ä» æ¯æä¸æ¬¡è¿æ¥ï¼å ¶ä¸çå·®å«åªè½é ä¸ä¸ææ¥æ¨æäºã
ç¶èå½ session ä¸è¯ä¸ç½ç»åè®®ç¸å ³èæ¶ï¼å®åå¾å¾éå«äºâé¢åè¿æ¥âå/æâä¿æç¶æâè¿æ ·ä¸¤ä¸ªå«ä¹ï¼âé¢åè¿æ¥âæçæ¯å¨éä¿¡åæ¹å¨éä¿¡ä¹åè¦å 建ç«ä¸ä¸ªéä¿¡çæ¸ éï¼æ¯å¦æçµè¯ï¼ç´å°å¯¹æ¹æ¥äºçµè¯éä¿¡æè½å¼å§ãâä¿æç¶æâåæ¯æéä¿¡çä¸æ¹è½å¤æä¸ç³»åçæ¶æ¯å ³èèµ·æ¥ï¼ä½¿å¾æ¶æ¯ä¹é´å¯ä»¥äºç¸ä¾èµï¼æ¯å¦ä¸ä¸ªæå¡åè½å¤è®¤åºå次å 临çè顾客并ä¸è®°å¾ä¸æ¬¡è¿ä¸ªé¡¾å®¢è¿æ¬ åºéä¸åé±ãè¿ä¸ç±»çä¾åæâ ä¸ä¸ªTCP session âæè âä¸ä¸ª POP3 sessionâã
é´äºè¿ç§æ··ä¹±å·²ä¸å¯æ¹åï¼è¦ä¸º session ä¸ä¸ªå®ä¹å°±å¾é¾æç»ä¸çæ åãèå¨é 读 session ç¸å ³èµææ¶ï¼æ们ä¹åªæé ä¸ä¸ææ¥æ¨æç解äºãä¸è¿æ们å¯ä»¥è¿æ ·ç解ï¼ä¾å¦æ们æçµè¯ï¼ä»æ¨éçé£ä¸å»èµ·å°ææçµè¯æé´ï¼å 为çµè¯ä¸ç´ä¿æçæ¥éçç¶æï¼æ以æè¿ç§æ¥éçç¶æå«å sessionãå®æ¯è®¿å®¢ä¸æ´ä¸ªç½ç«äº¤äºè¿ç¨ä¸ä¸ç´åå¨çå ¬æåéï¼å¨å®¢æ·ç«¯ä¸æ¯æ COOKIE çæ¶åï¼ä¸ºäºä¿è¯æ°æ®æ£ç¡®ãå®å ¨ï¼å°±éç¨ SESSION åéã访é®ç½ç«çæ¥å®¢ä¼è¢«åé ä¸ä¸ªå¯ä¸çæ è¯ç¬¦ï¼å³æè°çä¼è¯ IDãå®è¦ä¹åæ¾å¨å®¢æ·ç«¯ç cookieï¼è¦ä¹ç»ç± URL ä¼ éã
SESSION çåæå¡«è¡¥äº HTTP åè®®çå±éï¼HTTPå议被认为æ¯æ ç¶æåè®®ï¼æ æ³å¾ç¥ç¨æ·çæµè§ç¶æï¼å½å®å¨æå¡ç«¯å®æååºä¹åï¼æå¡å¨å°±å¤±å»äºä¸è¯¥æµè§å¨çèç³»ãè¿ä¸HTTPåè®®æ¬æ¥çç®çæ¯ç¸ç¬¦çï¼å®¢æ·ç«¯åªéè¦ç®åçåæå¡å¨è¯·æ±ä¸è½½æäºæ件ï¼æ 论æ¯å®¢æ·ç«¯è¿æ¯æå¡å¨é½æ²¡æå¿ è¦çºªå½å½¼æ¤è¿å»çè¡ä¸ºï¼æ¯ä¸æ¬¡è¯·æ±ä¹é´é½æ¯ç¬ç«çï¼å¥½æ¯ä¸ä¸ªé¡¾å®¢åä¸ä¸ªèªå¨å®è´§æºæè ä¸ä¸ªæ®éçï¼éä¼åå¶ï¼å¤§ååºä¹é´çå ³ç³»ä¸æ ·ã
å æ¤éè¿SESSION(cookieæ¯å¦å¤ä¸ç§è§£å³åæ³)è®°å½ç¨æ·çæå ³ä¿¡æ¯ï¼ä»¥ä¾ç¨æ·å次以æ¤èº«ä»½å¯¹webæå¡å¨æ起请æ±æ¶ä½ç¡®è®¤ãä¼è¯çåæ使å¾ä¸ä¸ªç¨æ·å¨å¤ä¸ªé¡µé¢é´åæ¢æ¶è½å¤ä¿åä»çä¿¡æ¯ãç½ç«ç¼ç¨äººåé½æè¿æ ·çä½ä¼ï¼æ¯ä¸é¡µä¸çåéæ¯ä¸è½å¨ä¸ä¸é¡µä¸ä½¿ç¨ç(è½ç¶formï¼urlä¹å¯ä»¥å®ç°ï¼ä½è¿é½æ¯é常ä¸çæ³çåæ³)ï¼èSESSIONä¸æ³¨åçåéå°±å¯ä»¥ä½ä¸ºå ¨å±åé使ç¨äºã
é£ä¹ SESSION å°åºæä»ä¹ç¨å¤å¢ï¼ç½ä¸è´ç©æ¶å¤§å®¶é½ç¨è¿è´ç©è½¦ï¼ä½ å¯ä»¥éæ¶æä½ éè´çååå å ¥å°è´ç©è½¦ä¸ï¼æååå»æ¶é¶å°ç»å¸ãå¨æ´ä¸ªè¿ç¨ä¸è´ç©è½¦ä¸ç´æ®æ¼ç临æ¶å贮被éååçè§è²ï¼ç¨å®è¿½è¸ªç¨æ·å¨ç½ç«ä¸çæ´»å¨æ åµï¼è¿å°±æ¯ SESSION çä½ç¨ï¼å®å¯ä»¥ç¨äºç¨æ·èº«ä»½è®¤è¯ï¼ç¨åºç¶æè®°å½ï¼é¡µé¢ä¹é´åæ°ä¼ éçã
SESSION çå®ç°ä¸éç¨ COOKIE ææ¯ï¼SESSION ä¼å¨å®¢æ·ç«¯ä¿åä¸ä¸ªå å« session_id(SESSIONç¼å·)ç COOKIEï¼å¨æå¡å¨ç«¯ä¿åå ¶ä» session åéï¼æ¯å¦ session_name ççãå½ç¨æ·è¯·æ±æå¡å¨æ¶ä¹æ session_id ä¸èµ·åéå°æå¡å¨ï¼éè¿ session_id æåæä¿åå¨æå¡å¨ç«¯çåéï¼å°±è½è¯å«ç¨æ·æ¯è°äºãåæ¶ä¹ä¸é¾ç解为ä»ä¹ SESSION ææ¶ä¼å¤±æäºã
å½å®¢æ·ç«¯ç¦ç¨ COOKIE æ¶(ç¹å»IEä¸çâå·¥å ·âââInterneté项âï¼å¨å¼¹åºç对è¯æ¡éç¹å»âå®å ¨âââèªå®ä¹çº§å«â项ï¼å°âå 许æ¯ä¸ªå¯¹è¯COOKIEâ设为ç¦ç¨)ï¼session_id å°æ æ³ä¼ éï¼æ¤æ¶ SESSION 失æãä¸è¿ php5 å¨ linux/unix å¹³å°å¯ä»¥èªå¨æ£æ¥ cookie ç¶æï¼å¦æ客æ·ç«¯è®¾ç½®äºç¦ç¨ï¼åç³»ç»èªå¨æ session_id éå å° url ä¸ä¼ éãwindows 主æºåæ æ¤åè½ã
Session常è§å½æ°åç¨æ³
Session_start()ï¼å¼å§ä¸ä¸ªä¼è¯æè è¿åå·²ç»åå¨çä¼è¯ã
说æï¼è¿ä¸ªå½æ°æ²¡æåæ°ï¼ä¸è¿åå¼å为trueãå¦æä½ ä½¿ç¨åºäºcookieçsession(cookie-based sessions)ï¼é£ä¹å¨ä½¿ç¨Session_start()ä¹åæµè§å¨ä¸è½æä»»ä½è¾åºï¼å¦åä¼åç以ä¸é误ï¼
Warning: Cannot send session cache limiter - headers already sent (output started at /usr/local/apache/htdocs/cga/member/1.php:2)â¦â¦â¦â¦
ä½ å¯ä»¥å¨ php.ini éå¯å¨ session.auto_start=1ï¼è¿æ ·å°±æ éæ¯æ¬¡ä½¿ç¨ session ä¹åé½è¦è°ç¨ session_start()ãä½å¯ç¨è¯¥é项ä¹æä¸äºéå¶ï¼å¦æç¡®å®å¯ç¨äº session.auto_startï¼åä¸è½å°å¯¹è±¡æ¾å ¥ä¼è¯ä¸ï¼å 为类å®ä¹å¿ é¡»å¨å¯å¨ä¼è¯ä¹åå 载以å¨ä¼è¯ä¸é建对象ã
请æ±ç»æåææ注åçåéé½ä¼è¢«åºååã已注åä½æªå®ä¹çåé被æ 记为æªå®ä¹ãå¨ä¹åç访é®ä¸è¿äºåéä¹æªè¢«ä¼è¯æ¨¡åå®ä¹ï¼é¤éç¨æ·ä»¥åå®ä¹å®ä»¬ã
è¦åï¼æäºç±»åçæ°æ®ä¸è½è¢«åºååå æ¤ä¹å°±ä¸è½ä¿åå¨ä¼è¯ä¸ãå æ¬ resource åéæè æ循ç¯å¼ç¨ç对象ï¼å³æ对象å°ä¸ä¸ªæåèªå·±çå¼ç¨ä¼ éç»å¦ä¸ä¸ªå¯¹è±¡ï¼ã
注åSESSIONåéï¼
PHP5使ç¨$_SESSION[âxxxâ]=xxx注åSESSIONå ¨å±åéãåGETï¼POSTï¼COOKIEç使ç¨æ¹æ³ç¸ä¼¼ã
注æï¼session_register()ï¼session_unregister ï¼session_is_registeredå¨ php5 ä¸ä¸å使ç¨ï¼é¤éå¨ php.ini éæregister_globle 设为 onï¼ä¸è¿åºäºå®å ¨èèï¼å¼ºçå»ºè®®å ³é register_globleãHTTP_SESSION_VARS ä¹ä¸æå¡ä½¿ç¨äºï¼å®æ¹å»ºè®®ç¨ $_SESSION 代æ¿ä¹ãä¾å¦ï¼
Page1.php
éè¿COOKIEä¼ éSESSION'; //å¦æ客æ·ç«¯æ¯æcookieï¼å¯éè¿è¯¥é¾æ¥ä¼ ésessionå°ä¸ä¸é¡µã echo '
éè¿URLä¼ éSESSION';//客æ·ç«¯ä¸æ¯æcookieæ¶ï¼ä½¿ç¨è¯¥åæ³ä¼ ésession. ?>
Page2.php
è¿åå±±ä¸é¡µ'; ?>
æ两ç§æ¹æ³ä¼ éä¸ä¸ªä¼è¯ IDï¼
ä¸ä¸ªæ¯cookieï¼å¦ä¸ä¸ªæ¯ URL åæ°ã
ä¼è¯æ¨¡åæ¯æè¿ä¸¤ç§æ¹æ³ãcookie æ´ä¼åï¼ä½ç±äºä¸æ»æ¯å¯ç¨ï¼ä¹æä¾æ¿ä»£çæ¹æ³ã第äºç§æ¹æ³ç´æ¥å°ä¼è¯ ID åµå ¥å° URL ä¸é´å»ã PHP å¯ä»¥éæå°è½¬æ¢è¿æ¥ãé¤éæ¯ä½¿ç¨ PHP 4.2 ææ´æ°çæ¬ï¼éè¦æå·¥å¨ç¼è¯ PHP æ¶æ¿æ´»ãå¨ Unix ä¸ï¼ç¨ --enable-trans-sid é ç½®é项ãå¦ææ¤é ç½®é项åè¿è¡æ¶é项 session.use_trans_sid é½è¢«æ¿æ´»(ä¿®æ¹php.ini)ï¼ç¸å¯¹ URI å°è¢«èªå¨ä¿®æ¹ä¸ºå å«ä¼è¯ IDã
- session_id
- æ£æ¥ session æ¯å¦åå¨
- æ´æ¹ session_id
session_id() ç¨äºè®¾å®æåå¾å½å session_idãphp5 ä¸æ¢å¯ä»¥ä½¿ç¨ session_id()ï¼ä¹å¯ä»¥éè¿éå å¨ url ä¸ç SID åå¾å½åä¼è¯ç session_id å session_nameã
å¦æ session_id() æå ·ä½æå®å¼çè¯ï¼å°å代å½åç session_id å¼ã使ç¨è¯¥å½æ°åå¿ é¡»å¯å¨ä¼è¯ï¼session_start();
å½æä»¬ä½¿ç¨ session cookies æ¶ï¼å¦ææå®äºä¸ä¸ª session_id() å¼ï¼æ¯æ¬¡å¯å¨ session_start() é½ä¼å¾å®¢æ·ç«¯åéä¸ä¸ªcookie å¼ãä¸è®ºå½å session_id æ¯å¦ä¸æå®å¼ç¸çã
session_id() å¦æ没ææå®å¼ï¼åè¿åå½å session_id();å½åä¼è¯æ²¡æå¯å¨çè¯ï¼åè¿å空å符串ã
å¨ä»¥å¾ç php çæ¬ä¸éå¸¸ä½¿ç¨ session_is_register() æ£æ¥ session æ¯å¦åå¨ï¼å¦ææ¨ä½¿ç¨ $_SESSION['XXX']=XXX æ¥æ³¨åä¼è¯åéï¼å session_is_register() å½æ°ä¸åèµ·ä½ç¨ãä½ å¯ä»¥ä½¿ç¨ isset($_SESSION['xxx']) æ¥æ¿ä»£ã
session_regenerate_id() æ´æ¹æååè¿å trueï¼å¤±è´¥åè¿å falseã 使ç¨è¯¥å½æ°å¯ä»¥ä¸ºå½å session æ´æ¹ session_idï¼ä½ä¸æ¹åå½å session çå ¶ä»ä¿¡æ¯ãä¾å¦ï¼
"; echo "æ°ç SessionID: $new_sessionid
"; echo""; print_r($_SESSION); echo""; ?>
è¿åå½å session ç name ææ¹åå½å session ç nameãå¦æè¦æ¹åå½å session ç nameï¼å¿ é¡»å¨ session_start() ä¹åè°ç¨è¯¥å½æ°ã注æï¼session_name ä¸è½åªç±æ°åç»æï¼å®è³å°å å«ä¸ä¸ªåæ¯ãå¦åä¼å¨æ¯æ¶æ¯å»é½çæä¸ä¸ªæ°ç session idãsession æ¹å示ä¾ï¼
unset ($_SESSION['xxx']) å é¤å个 sessionï¼unset($_SESSION['xxx']) ç¨æ¥ unregister ä¸ä¸ªå·²æ³¨åç session åéãå ¶ä½ç¨å session_unregister() ç¸åãsession_unregister() å¨ PHP5 ä¸ä¸å使ç¨ï¼å¯å°ä¹æå ¥å·å®«ã unset($_SESSION) æ¤å½æ°åä¸ä¸å¯ä½¿ç¨ï¼å®ä¼å°å ¨å±åé $_SESSION éæ¯ï¼èä¸è¿æ²¡æå¯è¡çåæ³å°å ¶æ¢å¤ãç¨æ·ä¹ä¸åå¯ä»¥æ³¨å $_SESSION åéã
$_SESSION=array() å é¤å¤ä¸ª session
session_destroy() ç»æå½åçä¼è¯ï¼å¹¶æ¸ 空ä¼è¯ä¸çææèµæºã该å½æ°ä¸ä¼ unset (éæ¾)åå½å session ç¸å ³çå ¨å±åé(globalvariables)ï¼ä¹ä¸ä¼å é¤å®¢æ·ç«¯ç session cookieãPHP é»è®¤ç session æ¯åºäº cookie çï¼å¦æè¦å é¤ cookie çè¯ï¼å¿ é¡»åå© setcookie() å½æ°ãè¿åå¼ï¼å¸å°å¼ãåè½è¯´æï¼è¿ä¸ªå½æ°ç»æå½åç sessionï¼æ¤å½æ°æ²¡æåæ°ï¼ä¸è¿åå¼å为 trueã
session_unset() å¦æ使ç¨äº $_SESSIONï¼å该å½æ°ä¸åèµ·ä½ç¨ãç±äº PHP5 å¿ å®è¦ä½¿ç¨ $_SESSIONï¼æ以æ¤å½æ°å¯ä»¥æå ¥å·å®«äºã
ä¸é¢æ¯ PHP å®æ¹å ³äºå é¤ session çæ¡ä¾ï¼
ç±æ¤æ们å¯ä»¥å¾åºå é¤Sessionçæ¥éª¤ï¼
- session_start();
- $_SESSION=array()/unset($_SESSION['xxx'])
- session_destroy()
SESSIONå®å ¨:
ä¼è¯æ¨¡åä¸è½ä¿è¯åæ¾å¨ä¼è¯ä¸çä¿¡æ¯åªè½è¢«å建该ä¼è¯çç¨æ·çå°ãæ ¹æ®å ¶åæ¾çæ°æ®ï¼è¿éè¦éåæ´å¤æªæ½æ¥ä¸»å¨ä¿æ¤ä¼è¯çå®æ´æ§ã
è¯ä¼°ä¼è¯ä¸æºå¸¦çæ°æ®å¹¶å®æ½éå ä¿æ¤æªæ½é常è¦ä»åºä»£ä»·ï¼éä½ç¨æ·çæ¹ä¾¿ç¨åº¦ãä¾å¦ï¼å¦æè¦ä¿æ¤ç¨æ·å äºåç®åç社交çç¥ä¾µå®³ï¼æ³¨ï¼æå¨ URL ä¸æ¾ç¤ºçä¼è¯ ID ä¼è¢«å«äººå¨çµèå±å¹ä¸çå°ï¼æ被å«çç½ç«éè¿ HTTP Referer å¾å°çï¼ï¼ååºè¯¥å¯ç¨ session.use_only_cookiesãæ¤æ å½¢ä¸ï¼å®¢æ·ç«¯å¿ é¡»æ æ¡ä»¶å¯ç¨ cookieï¼å¦åä¼è¯å°±ä¸å·¥ä½ã
æå ç§éå¾ä¼å°ç°æçä¼è¯ ID æ³é²ç»ç¬¬ä¸æ¹ãæ³é²åºçä¼è¯ ID 使第ä¸æ¹è½å¤è®¿é®ææä¸æå® ID ç¸å ³èçèµæºã第ä¸ï¼URL æºå¸¦ä¼è¯ IDãå¦æè¿æ¥å°å¤é¨ç«ç¹ï¼å å«æä¼è¯ ID ç URL å¯è½ä¼è¢«åå¨å¤é¨ç«ç¹ç Referer æ¥å¿ä¸ã第äºï¼è¾ä¸»å¨çæ»å»è å¯è½ä¼ä¾¦å¬ç½æ®µçæ°æ®å ãå¦ææªå å¯ï¼ä¼è¯ ID ä¼ä»¥æææ¹å¼å¨ç½ç»ä¸æµè¿ã对æ¤ç解å³æ¹å¼æ¯å¨æå¡å¨ä¸å®æ½ SSL 并强å¶ç¨æ·ä½¿ç¨ã
é»è®¤æ åµä¸ï¼ææä¸ç¹å®ä¼è¯ç¸å ³çæ°æ®é½è¢«åå¨å¨ç± INI é项 session.save_path æå®çç®å½ä¸çä¸ä¸ªæ件ä¸ã对æ¯ä¸ªä¼è¯ä¼å»ºç«ä¸ä¸ªæ件ï¼ä¸è®ºæ¯å¦ææ°æ®ä¸è¯¥ä¼è¯ç¸å ³ï¼ãè¿æ¯ç±äºæ¯æå¼ä¸ä¸ªä¼è¯å³å»ºç«ä¸ä¸ªæ件ï¼ä¸è®ºæ¯å¦ææ°æ®åå ¥å°è¯¥æ件ä¸ã注æç±äºåæ件系ç»ååå·¥ä½çéå¶ï¼æ¤è¡ä¸ºæ个å¯ä½ç¨ï¼æå¯è½é æç¨æ·å®å¶çä¼è¯å¤çå¨ï¼ä¾å¦ç¨æ°æ®åºï¼ä¸¢å¤±äºæªåå¨æ°æ®çä¼è¯ã
ä¸é¢ä»ç»å½æ°ä¸æå°ä¼ç¨å°ï¼ä½è¿æä¸äºæå ³sessionçå½æ°ä¹ä»ç»ä¸ä¸ï¼
session_encode å½æ°åè½ï¼sesssionä¿¡æ¯ç¼ç å½æ°ååï¼string session_encode(void); è¿åå¼ï¼å符串 åè½è¯´æï¼è¿åçå符串ä¸å å«å ¨å±åéä¸ååéçå称ä¸å¼ï¼å½¢å¼å¦ï¼ a|s:12:"it is a test";c|s:4:"lala"; aæ¯åéå s:12代表åéaçå¼"it is a testçé¿åº¦æ¯12 åéé´ç¨åå·â;âåéã
session_decode å½æ°åè½ï¼sesssionä¿¡æ¯è§£ç å½æ°ååï¼boolean session_decode (string data) è¿åå¼ï¼å¸å°å¼ åè½è¯´æï¼è¿ä¸ªå½æ°å¯å°sessionä¿¡æ¯è§£ç ï¼æååè¿åé»è¾å¼true
PHP5 ä¸åä½¿ç¨ session_idï¼èæ¯æå®åæä¸ä¸ªå¸¸é SIDï¼å¹¶ä¿åå¨ cookie ä¸ãå¦æ客æ·ç«¯ç¦ç¨äº cookieï¼php ä¼èªå¨éè¿ url èªå¨ä¼ å¨ä¼ é SIDï¼å ¶æ¡ä»¶æ¯è®¾ç½® php.ini ä¸ç session.use_trans_sid = 1ãæ¤æ¶å³ä½¿å®¢æ·ç«¯å³ä½¿ç¦ç¨äº cookie ä¹æ²¡å ³ç³»äºãç¨ strip_tags() æ¥è¾åº SID 以é¿å XSS ç¸å ³çæ»å»ã
Sessionè·¨é¡µä¼ éé®é¢ï¼
sessionè·¨é¡µä¼ ééè¦èèä¸ç§æ åµï¼
- 客æ·ç«¯ç¦ç¨äºcookieã
- æµè§å¨åºç°é®é¢ï¼ææ¶æ æ³ååcookie
- php.ini ä¸ç session.use_trans_sid = 0 æè ç¼è¯æ¶æ²¡ææå¼ --enable-trans-sid é项
为ä»ä¹ä¼è¿æ ·å¢ï¼ä¸é¢è§£éä¸ä¸åå ï¼
Session æ件å为两é¨åï¼session åéä¿åå¨æå¡å¨ç«¯ï¼é»è®¤ä»¥æ件æ¹å¼åå¨ sessionï¼ï¼è session id å以 cookie å½¢å¼ä¿åå¨å®¢æ·ç«¯ã(注æï¼session é»è®¤æ¯åºäº cookie ç)ã
å½ç¨æ·çæµè§å¨åæå¡å¨æåºè¯·æ±æ¶ï¼åæ¶åéå å« session id ç cookieï¼é»è®¤æ åµä¸ï¼ãæå¡å¨æ ¹æ®å®¢æ·ç«¯æä¾ç session id æ¥å¾å°ç¨æ·çæ件ï¼å³ä¿åå¨æå¡å¨ç«¯ç session åéå¼ãäºå®ä¸ï¼session id å¯ä»¥ä½¿ç¨å®¢æ·ç«¯ç Cookie æè Http1.1 åè®®ç Query_Stringï¼å°±æ¯è®¿é®çURLçâ?âåé¢çé¨åï¼æ¥ä¼ éç»æå¡å¨ï¼ç¶åæå¡å¨è¯»å Session çç®å½ãä¹å°±æ¯è¯´ï¼session id æ¯åå¾åå¨å¨æå¡ä¸ç session åéç身份è¯ãå½ä»£ç session_start(); è¿è¡çæ¶åï¼å°±å¨æå¡å¨ä¸äº§çäºä¸ä¸ª session æ件ï¼éä¹ä¹äº§çäºä¸ä¹å¯ä¸å¯¹åºçä¸ä¸ª session idï¼å®ä¹ session åé以ä¸å®å½¢å¼åå¨å¨åæ产çç session æ件ä¸ãéè¿ session idï¼å¯ä»¥ååºå®ä¹çåéã跨页åï¼ä¸ºäºä½¿ç¨ sessionï¼ä½ å¿ é¡»åæ§è¡ session_start();å°åä¼äº§çä¸ä¸ª session æ件ï¼ä¸ä¹å¯¹åºäº§çç¸åºç session idï¼ç¨è¿ä¸ª session id æ¯åä¸åºåé¢æå°ç第ä¸ä¸ª session æ件ä¸çåéçï¼å 为è¿ä¸ªsession id ä¸æ¯æå¼å®çâé¥åâãå¦æå¨ session_start(); ä¹åå 代ç session_id($session id);å°ä¸äº§çæ°ç session æ件ï¼ç´æ¥è¯»åä¸è¿ä¸ª id对åºç session æ件ã
PHP ä¸ç session å¨é»è®¤æ åµä¸æ¯ä½¿ç¨å®¢æ·ç«¯ç Cookie æ¥ä¿å session id çï¼æ以å½å®¢æ·ç«¯ç cookie åºç°é®é¢çæ¶åå°±ä¼å½±åsession äºãå¿ é¡»æ³¨æçæ¯ï¼session ä¸ä¸å®å¿ é¡»ä¾èµ cookieï¼è¿ä¹æ¯ session ç¸æ¯ cookie çé«æä¹å¤ãå½å®¢æ·ç«¯ç Cookie 被ç¦ç¨æåºç°é®é¢æ¶ï¼PHP ä¼èªå¨æ session id éçå¨ URL ä¸ï¼è¿æ ·åéè¿ session id å°±è½è·¨é¡µä½¿ç¨ session åéäºãä½è¿ç§éçä¹æ¯æä¸å®æ¡ä»¶çï¼å ¶ä¸ï¼âphp.iniä¸çsession.use_trans_sid = 1 æè ç¼è¯æ¶æå¼æå¼äº --enable-trans-sid é项âï¼å ¶äºï¼è¿è¡ PHP çæå¡å¨å¿ é¡»æ¯ unix/linux ç³»ç»ï¼windows ä¸å ·å¤æ¤é¡¹åè½ã
æç½äºä»¥ä¸çéçï¼æ们就å¯ä»¥å¾åºè§£å³sessionè·¨é¡µä¼ éé®é¢çä¸æ¡éå¾ï¼
- 设置 php.ini ä¸ç session.use_trans_sid = 1 æè ç¼è¯æ¶æå¼æå¼äº --enable-trans-sid é项ï¼è®© PHP èªå¨è·¨é¡µä¼ é session idã
- æå¨éè¿ URL ä¼ å¼ãéè表åä¼ é session idã
- ç¨æ件ãæ°æ®åºçå½¢å¼ä¿å session_idï¼å¨è·¨é¡µè¿ç¨ä¸æå¨è°ç¨ã
ä¸é¢ä¸¾ä¾è¯´æï¼
第ä¸ç§æ åµï¼
page1.php
ä¸ä¸é¡µ"; echo $url; ?>
page2.php
è¿è¡ä»¥ä¸ä»£ç ï¼å¨å®¢æ·ç«¯cookieæ£å¸¸çæ åµä¸ï¼åºè¯¥å¯ä»¥å¨å¾å°ç»æâä¸å人æ°å ±åå½âã
ç°å¨ä½ æå¨å ³é客æ·ç«¯çcookieï¼åè¿è¡ï¼å¯è½å¾ä¸å°ç»æäºå§ãå¦æå¾ä¸å°ç»æï¼åâ设置php.iniä¸çsession.use_trans_sid = 1æè ç¼è¯æ¶æå¼æå¼äº--enable-trans-sidé项âï¼åå¾å°ç»æâä¸å人æ°å ±åå½âã
第äºç§éå¾ï¼
s1.php
ä¸ä¸é¡µ'; $url="ä¸ä¸é¡µ"; echo $url; ?>
s2.php
第ä¸ç§éå¾ï¼
login.html
mylogin1.php éæ°ç»å½"; die(); } if (!($name=="laogong" && $pass=="123")) { echo "ç¨æ·åæå¯ç ä¸æ£ç¡®ï¼è¯·éæ°ç»å½"; die(); } //注åç¨æ· ob_start(); session_start(); $_SESSION['user']= $name; $psid=session_id(); $fp=fopen("e:\\tmp\\phpsid.txt","w+"); fwrite($fp,$psid); fclose($fp); //身份éªè¯æåï¼è¿è¡ç¸å ³æä½ echo "å·²ç»å½Login 请ç»å½ï¼
"; echo "ä¸ä¸é¡µ"; ?>
mylogin2.php
ç»å½åæµè§"; die(); } ?>