An analysis of PHP cookies and sessions

Submitted by author: admin 2008-05-24 10:22:42

1. PHP cookies

A cookie is a mechanism for storing data in the remote browser and using it to track and identify users.
PHP sends cookies in the HTTP headers, so setcookie() must be called before any other output is sent to the browser; the same restriction applies to header().

1.1 Setting a cookie:

A cookie can be set with setcookie() or setrawcookie(), or by sending the HTTP header to the client directly.

1.1.1 Setting a cookie with setcookie():
bool setcookie ( string name [, string value [, int expire [, string path [, string domain [, bool secure [, bool httponly]]]]]] )

     name:   name of the cookie variable
     value:  value of the cookie variable
     expire: time at which the cookie expires
     path:   directory the cookie is valid for
     domain: domain the cookie is valid for; the top-level domain is unique
     secure: if set to 1, the cookie is only valid over https connections; with the default value 0 it is valid over both http and https

Example:
<?php
$value = 'something from somewhere';

setcookie("TestCookie", $value); /* simple cookie */
setcookie("TestCookie", $value, time()+3600); /* valid for 1 hour */
setcookie("TestCookie", $value, time()+3600, "/~rasmus/", ".example.com", 1); /* valid for the directory /~rasmus, the domain example.com and all of its subdomains */
?>

Setting several cookie variables: setcookie('var[a]','value'); uses array notation for the variable, but the index is written without quotes. The cookie variable can then be read with $_COOKIE['var']['a'].

1.1.2 Setting a cookie with header():
header("Set-Cookie: name=$value[;path=$path[;domain=xxx.com[;...]]]");
The remaining parameters are the same as those listed above for setcookie().
For example:

$value = 'something from somewhere';
header("Set-Cookie:name=$value");
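1.2 Reading a cookie:

Cookies sent by the browser can be read directly from PHP's built-in superglobal $_COOKIE.
The example above set the cookie "TestCookie"; now we read it:

// The cookie value comes from the client, so escape it before printing it into a page.
print htmlspecialchars($_COOKIE['TestCookie'], ENT_QUOTES);

Was the cookie printed?!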

1.3 Deleting a cookie
Set the expiry time to a moment earlier than the current time and set the value to empty. For example:
setcookie("name","",time()-1);
The same applies when using header().

1.4 Common problems:

1) If setcookie() reports an error, there may be output or whitespace before the setcookie() call. The document may also have been converted from another character set and carry a BOM signature (hidden BOM characters added to the file content). The fix is to make sure the document has neither. Calling ob_start() can also help to some extent.
2) $_COOKIE is affected by magic_quotes_gpc and may be escaped automatically.
3) When using cookies, it is necessary to test whether the user's browser supports them.

1.5 How cookies work:

Some learners are impatient and not inclined to study the underlying mechanism, so I have put it last.
a) The server sets a cookie on the client by sending an HTTP Set-Cookie header with the response (several cookies require several headers).
b) The client automatically sends an HTTP Cookie header to the server, which the server receives and reads.

HTTP/1.x 200 OK
X-Powered-By: PHP/5.2.1
Set-Cookie: TestCookie=something from somewhere; path=/
Expires: Thu, 19 Nov 2007 18:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html

This line implements the cookie:
Set-Cookie: TestCookie=something from somewhere; path=/
On receiving it, the browser creates a cookie file on the client's disk and writes into it:

TestCookie=something from somewhere;
/

This line is the result of calling setcookie('TestCookie', 'something from somewhere', 0, '/'); which is the same as the result of header('Set-Cookie: TestCookie=something from somewhere; path=/');.
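
How the setcookie() arguments of section 1.1.1 end up in the Set-Cookie header shown in section 1.5, as an added example that is not part of the original post. buildSetCookieHeader() is a hypothetical helper that only builds the header string, and the value containing CR/LF in the last call is constructed.

```php
<?php
// Added example: buildSetCookieHeader() is a hypothetical helper, not a PHP built-in.
function buildSetCookieHeader($name, $value, $expire = 0, $path = '',
                              $domain = '', $secure = false, $httponly = false)
{
    $bad = '/[,; \t\r\n\013\014]/';   // characters that would break the header syntax
    if ($name === '' || strpos($name, '=') !== false || preg_match($bad, $name)) {
        throw new InvalidArgumentException('invalid cookie name');
    }
    if (preg_match($bad, $path) || preg_match($bad, $domain)) {
        throw new InvalidArgumentException('invalid path or domain');
    }
    // Like setcookie(), URL-encode the value: spaces, ";" and CR/LF cannot
    // end the attribute or start a new header line.
    $header = 'Set-Cookie: ' . $name . '=' . rawurlencode($value);
    if ($expire !== 0) {
        $header .= '; expires=' . gmdate('D, d-M-Y H:i:s', $expire) . ' GMT';
    }
    if ($path !== '')   { $header .= '; path=' . $path; }
    if ($domain !== '') { $header .= '; domain=' . $domain; }
    if ($secure)        { $header .= '; secure'; }     // sent over https only
    if ($httponly)      { $header .= '; HttpOnly'; }   // not readable from page scripts
    return $header;
}

$value = 'something from somewhere';   // sample value used on this page

// Cookie that lasts until the browser closes, default flags: valid over http and https.
echo buildSetCookieHeader('TestCookie', $value, 0, '/'), "\n";

// Same cookie, valid for 1 hour, restricted to https and hidden from page scripts.
echo buildSetCookieHeader('TestCookie', $value, time() + 3600,
                          '/~rasmus/', '.example.com', true, true), "\n";

// Constructed value containing CR/LF: it is encoded and stays inside the cookie value.
echo buildSetCookieHeader('TestCookie', "x\r\nSet-Cookie: injected=1", 0, '/'), "\n";
?>
```

Run from the command line, this prints the three header lines without sending them, so the effect of each argument can be compared directly.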

 

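2. PHP sessions

2.1 Transmitting the session ID

2.1.1 Passing the session ID in a cookie

     When session_start() is called, the server creates the session file and at the same time generates a session ID hash and a session name, which defaults to PHPSESSID. It then sends the client a cookie whose name is the session name (PHPSESSID by default) and whose value is a 128-bit hash. The server uses this cookie to interact with the client.
   The values of session variables are serialized internally by PHP and stored in a text file on the server, which corresponds to the client-side cookie whose name is PHPSESSID by default.
     In other words, the server automatically sends the HTTP header: header('Set-Cookie: ' . session_name() . '=' . session_id() . '; path=/');
that is, setcookie(session_name(),session_id());

When the user moves from this page to a new page that calls session_start(), PHP looks up the session data stored on the server for the given ID and, if none is found, creates a new data set.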

2.1.2 Passing the session ID in the URL
Use this method only when the user has disabled cookies; since browser cookies are now universally supported, this method can be avoided for the sake of security.
<a href="p.php?<?php print session_name() ?>=<?php print session_id() ?>">xxx</a>; the session value can also be passed via POST.
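2.3 Controlling page caching with session functions
    In many cases we need to decide whether a page is cached on the client, or set how long the cache stays valid. For example, if a page contains sensitive content that can only be viewed after logging in and it is cached locally, the local cached copy can be opened directly and the page viewed without logging in.

    session_cache_limiter('private'); controls client-side caching of the page; it must be called before session_start().
    For more parameters, see the client-side cache control article at http://blog.chinaunix.net/u/27731/showart.php?id=258087.

    session_cache_expire(int); controls the client-side cache lifetime, in units of (s). It must also be called before session_start().

    These are only the ways to control caching when sessions are in use; page caching can also be controlled with header().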

2.4 Deleting a session

This takes three steps.
<?php
session_destroy();                                      // Step 1: delete the server-side session file; this uses
setcookie(session_name(),'',time()-3600); // Step 2: delete the actual session (the client-side session cookie)
$_SESSION = array();                                  // Step 3: clear the $_SESSION global array
?>

2.6 Commonly used session functions:

bool session_start(void): initializes the session.
bool session_destroy(void): deletes the file associated with the session on the server.
string session_id(): the ID of the current session.
string session_name(): the name of the session currently in use, that is, the name of the cookie in which the client stores the session ID. Defaults to PHPSESSID.
array session_get_cookie_params(): the details of the session cookie associated with this session.
string session_cache_limiter(): controls client-side caching of pages that use the session.
int session_cache_expire(): controls the client-side cache lifetime.
bool session_destroy(): deletes the file on the server that holds the session information.
void session_set_cookie_params ( int lifetime [, string path [, string domain [, bool secure [, bool httponly]]]] ): sets the details of the session cookie associated with this session.
bool session_set_save_handler ( callback open, callback close, callback read, callback write, callback destroy, callback gc ): defines the functions that handle the session (instead of the default mechanism).
bool session_regenerate_id([bool delete_old_session]): assigns a new session ID.


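2.7 Session security
Attackers put a great deal of effort into trying to obtain the valid session ID of an existing user; with the session ID they may gain the same capabilities in the system as that user.
Our main approach is therefore to verify the validity of the session ID.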

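<?php
session_start(); // the session must be started before $_SESSION is used

/* First request in this session: remember the client address and User-Agent */
if(!isset($_SESSION['user_agent'])){
    $_SESSION['user_agent'] = $_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'];
}

/* If the user's session ID is forged */
elseif ($_SESSION['user_agent'] != $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']) {
    session_regenerate_id();
}
?>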


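2.8 Differences between passing the session via a cookie and via SID:
With the default session configuration of PHP 5.2.1, when a session is created the server sends the Set-Cookie header and at the same time generates the predefined superglobal variable SID (in other words, writing the cookie and emitting SID are equivalent). Once $_COOKIE['PHPSESSID'] exists, the cookie is no longer written and the superglobal SID is no longer generated; at that point SID is empty.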



2.9 Session usage example

<?php
// Verify that the session is legitimate
function sessionVerify() {
    if(!isset($_SESSION['user_agent'])){
        $_SESSION['user_agent'] = MD5($_SERVER['REMOTE_ADDR']
        .$_SERVER['HTTP_USER_AGENT']);
    }
    /* If the user's session ID is forged, assign a new session ID */
    elseif ($_SESSION['user_agent'] != MD5($_SERVER['REMOTE_ADDR']
    . $_SERVER['HTTP_USER_AGENT'])) {
        session_regenerate_id();
    }
}
// Destroy the session
function sessionDestroy() {
    session_destroy();
    setcookie(session_name(),'',time()-3600);
    $_SESSION = array();
}
?>
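
A stricter variant of the check and teardown in sections 2.4, 2.7 and 2.9, added here as an example and not part of the original post: session_regenerate_id() carries the session data over to the new ID, so on a mismatch this version discards the session instead. The function names and /login.php are hypothetical, and the code assumes an HTTPS site and PHP 5.6 or later (for hash_equals()).

```php
<?php
// Added example; every function name below is a hypothetical helper.

function startSession()
{
    // Accept the session ID from the cookie only, never from the URL (section 2.1.2).
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    // lifetime 0 (until the browser closes), path /, secure and httponly set.
    session_set_cookie_params(0, '/', '', true, true);
    session_start();
}

function sessionFingerprint()
{
    // Same inputs as the page's check; either may be absent (for example on the CLI).
    $addr  = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    return hash('sha256', $addr . '|' . $agent);
}

function destroySession()
{
    $_SESSION = array();                  // clear the data held in memory
    $p = session_get_cookie_params();     // expire the cookie with the scope it was set with
    setcookie(session_name(), '', time() - 3600,
              $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    session_destroy();                    // remove the server-side session file
}

// Returns true when the session may be used, false when it was discarded.
function verifySession()
{
    if (!isset($_SESSION['fingerprint'])) {
        $_SESSION['fingerprint'] = sessionFingerprint();
        return true;
    }
    if (hash_equals($_SESSION['fingerprint'], sessionFingerprint())) {
        return true;
    }
    destroySession();                     // mismatch: drop the data, do not re-issue it
    return false;
}

startSession();
if (!verifySession()) {
    header('Location: /login.php');       // hypothetical login page
    exit;
}
?>
```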

 

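Notes:

    The "headers already sent" error with sessions has the same cause as with cookies.
    In PHP 5, all PHP session configuration options can be set from code at run time; in general there is no need to change them. To learn about PHP's session configuration options, see the Session handling functions section of the manual.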
