php session原理深入理解(禁用cookie和自定义session)
一、禁用cookie缓存后如何使用session:
1、方法1
page1.php
//phpinfo();
session_start();
$_SESSION['var1']="aaaa";
$sn = session_id();
$url="next";
echo $url;
?>
page2.php
session_id($_GET['s']);
session_start();
echo "var1:".$_SESSION['var1'];
?>
2、方法2
page1.php
session_start();
$_SESSION['var1']="aaaa";
$url="next"; //SID禁用cookie才会出现
echo $url;
?>
page2.php
session_id($_GET['PHPSESSID']);
session_start();
echo "var1:".$_SESSION['var1'];
?>
3、方法3
session.use_cookies = 0 //设置客户端是否使用cookie来保存session值 该参数的值不影响上述机制的进行。
session.use_only_cookies = 0 //是否只使用cookie来保存session值 该参数为1时,上述机制失效。
session.use_trans_sid = 1
page1.php
session_start();
$_SESSION['var1']="aaaa";
$url="next";
echo $url;
?>
page2.php
session_start();
echo "var1:".$_SESSION['var1'];
?>
二、自定义方式保存session到文件 (顺序执行file1.php,file2.php,file2.php理解即可)
备注操作前请在php.ini文件中将session.save_handler = user(默认是files),并确保session.auto_start = 0
1、session.php
/**
* 自定义方式保存session到文件
* 使用session_set_save_handler 函数
* php.ini 设置
* 默认为session.save_handler = files,必须将其修改为session.save_handler = user,即变为用户自定义方式。
*/
//在运行session_start()会执行
function open($save_path, $session_name) {//启动回话
global $sess_save_path;
$sess_save_path=$save_path;
return true;
}
//sessin_writr_close() session_destroy()
function close() {
return true;
}
//session_start() ,$_SESSION
function read($id) {//读取session
global $sess_save_path;
$sess_file=$sess_save_path."/mingc_".$id;
if (file_exists($sess_file)){
return (string)file_get_contents($sess_file);
}else {
return false;
}
}
//结束时和sessin_writr_close()强制提交数据是$_SESSION[]="aaa";
function write($id ,$sess_data) {
global $sess_save_path;
$sess_file=$sess_save_path."/mingc_".$id;
if ($fp=fopen($sess_file, "w")){
$return=fwrite($fp, $sess_data);
fclose($fp);
return $return;
}else {
return false;
}
}
//session_destroy()
function destroy($id) {
global $sess_save_path;
$sess_file=$sess_save_path."/mingc_".$id;
return unlink($sess_file);
}
//session.gc_probability和 session.gc_divisor值决定的,open(), read() session_start也会执行gc
function gc($maxlifetime) {
global $sess_save_path;
foreach (glob($sess_save_path."/mingc_*") as $filename){
if (filemtime($filename)+$maxlifetime < time()){
unlink($filename);
}
}
return true;
}
session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
session_start();
?>
2、file1.php
//原始方式
/*
session_start();
$_SESSION["username"] = "admin";
$_SESSION["passwd"] = 123456;
echo session_name().'='.session_id()."
";
*/
//session_set_save_handler 方式
include 'session.php';
$_SESSION["username"] = "admin";
$_SESSION["passwd"] = 123456;
echo session_name().'='.session_id()."
";
?>
3、file2.php
//原始方式
/*
session_start();
print_r($_SESSION);
echo "
";
echo session_name().'='.session_id()."
";
*/
//session_set_save_handler 方式
include 'session.php';
print_r($_SESSION);
echo "
";
echo session_name().'='.session_id()."
";
?>
4、file3.php
//原始方式
/*
session_start();
$_SESSION = array();
if (isset($_COOKIE[session_name()])){
setcookie(session_name(), '' , time()-100, '/');
}
session_destroy();
echo session_name().'='.session_id()."
";
*/
//session_set_save_handler 方式
include 'session.php';
$_SESSION = array();
if (isset($_COOKIE[session_name()])){
setcookie(session_name(), '' , time()-100, '/');
}
session_destroy();
echo session_name().'='.session_id()."
";
?>
三、自定义方式保存session到数据库
备注操作前请在php.ini文件中将session.save_handler = user(默认是files),并确保session.auto_start = 0
1、定义数据库表
CREATE TABLE `Session` (
`Session_Id` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`Session_Expires` datetime NOT NULL,
`Session_Data` text COLLATE utf8_unicode_ci,
PRIMARY KEY (`Session_Id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
2、inc.session.php
//inc.session.php
class SysSession implements SessionHandlerInterface
{
private $link;
public function open($savePath, $sessionName)
{
$link = mysqli_connect("127.0.0.1","root","root123456","session");
if($link){
$this->link = $link;
return true;
}else{
return false;
}
}
public function close()
{
mysqli_close($this->link);
return true;
}
public function read($id)
{
$result = mysqli_query($this->link,"SELECT Session_Data FROM Session WHERE Session_Id = '".$id."' AND Session_Expires > '".date('Y-m-d H:i:s')."'");
if($row = mysqli_fetch_assoc($result)){
return $row['Session_Data'];
}else{
return "";
}
}
public function write($id, $data)
{
$DateTime = date('Y-m-d H:i:s');
$NewDateTime = date('Y-m-d H:i:s',strtotime($DateTime.' + 1 hour'));
$result = mysqli_query($this->link,"REPLACE INTO Session SET Session_Id = '".$id."', Session_Expires = '".$NewDateTime."', Session_Data = '".$data."'");
if($result){
return true;
}else{
return false;
}
}
public function destroy($id)
{
$result = mysqli_query($this->link,"DELETE FROM Session WHERE Session_Id ='".$id."'");
if($result){
return true;
}else{
return false;
}
}
public function gc($maxlifetime)
{
$result = mysqli_query($this->link,"DELETE FROM Session WHERE ((UNIX_TIMESTAMP(Session_Expires) + ".$maxlifetime.") < ".$maxlifetime.")");
if($result){
return true;
}else{
return false;
}
}
}
date_default_timezone_set('PRC');
$handler = new SysSession();
session_set_save_handler($handler, true);
?>
3、page1.php
//page 1
require_once('inc.session.php');
session_start();
$_SESSION['var1'] = "hello world!";
?>
4、page2.php
require_once('inc.session.php');
session_start();
if(isset($_SESSION['var1'])){
echo $_SESSION['var1'];
}
?>
参考资料:
http://php.net/manual/zh/session.constants.php
http://php.net/manual/zh/function.session-set-save-handler.php
http://blog.csdn.net/masterft/article/details/1640122
http://blog.csdn.net/wzxsjdt/article/details/50508240
http://bbs.csdn.net/topics/340097849
http://blog.csdn.net/ysydao/article/details/53234347
http://www.jb51.net/article/57177.htm