The Chinese translation of Session is called "conversation", and its original meaning refers to a series of actions/messages that have a beginning and an end. For example, when making a phone call, the series of processes from picking up the phone to dialing to hanging up the phone can be called a Session. The current understanding of Session in society is very confusing: sometimes we can see the words "During a browser session,...", the session here refers to the period from the opening to closing of a browser window; you can also see When referring to the sentence "the user (client) during a session", it may refer to a series of actions of the user (usually a series of actions related to a specific purpose, such as from logging in to purchasing goods to checking out. Such an online shopping process; however, sometimes it may only refer to a connection; the difference can only be inferred from the context.
However, when the word Session is associated with a network protocol, it often implies "oriented"
."Connection" and/or "Keep state" have two meanings. "Connection-oriented" means that the communicating parties must first establish a communication channel before communicating, such as making a phone call. Communication cannot begin until the other party answers the phone. "Hold" "Status" means that the communicating party can associate a series of messages so that the messages can depend on each other. For example, a waiter can recognize an old customer who comes again and remember that the customer owed the store a dollar last time. This Examples of one type are "a TCP Session" or "a POP3 Session".
Given that this confusion is irreversible, it is difficult to have a unified standard for defining Session, and when reading about Session, we only have one. We can understand it by inferring from the context: For example, when we make a phone call, from the moment we make the call to the moment we hang up, the phone remains connected, so this connected state is called Session. It is a public variable that always exists during the interaction between the visitor and the entire website. When the client does not support COOKIE, in order to ensure the accuracy and security of the data, the Session variable will be assigned to the visitor who visits the website. , the so-called session ID. It is either stored in the client's cookie or passed through the URL.
The invention of Session fills the limitations of the HTTP protocol: the HTTP protocol is considered a stateless protocol and cannot know the user's browsing status when it is in use. After the server completes the response, the server loses contact with the browser. This is consistent with the original purpose of the HTTP protocol. The client only needs to simply request the server to download certain files, neither the client nor the server. It is necessary to record each other's past behavior, and each request is independent, just like the relationship between a customer and a vending machine or an ordinary (non-membership) hypermarket.
Therefore, through Session (cookie), it is another way. A solution) records the user's relevant information for confirmation when the user makes a request to the web server again. The invention of sessions allows a user to save his information when switching between multiple pages. With this experience, the variables in each page cannot be used in the next page (although form and url can also be implemented, but these are very unsatisfactory methods), and the variables registered in the Session can be used as global variables. .
So what is the use of Session? Everyone has used the shopping cart when shopping online. You can add the products you choose to the shopping cart at any time, and finally go to the checkout counter to check out. During the entire process, the shopping cart has been playing the role of temporarily storing the selected products. It is used to track the user's activities on the website. This is the role of Session. It can be used for user identity authentication, program status recording, and between pages. Parameter passing, etc.
COOKIE technology is used in the implementation of Session. Session will save a COOKIE containing Session_id (Session number) on the client side; save other Session variables on the server side, such as Session_name, etc. When the user requests the server, the Session_id is also sent to the server. By extracting the variables saved on the server side through the Session_id, you can identify who the user is. At the same time, it is not difficult to understand why Session sometimes fails.
When the client disables COOKIE (click "Tools" - "Internet Options" in IE, click "Security" - "Custom Level" item in the pop-up dialog box, and set "Allow per-conversation COOKIE" to disabled) , Session_id will not be passed, and the Session will be invalid at this time. However, php5 can automatically check the cookie status on the Linux/Unix platform. If the client is disabled, the system will automatically append the Session_id to the URL and pass it. Windows hosts do not have this function.
Session common functions and usage
Session_start(): Start a session or return an existing session.
Note: This function has no parameters and the return value is true. If you use cookie-based Sessions, the browser must not have any output before using Session_start(), otherwise the following error will occur:
Warning: Cannot send Session cache limiter - headers already sent (output started at / usr/local/apache/htdocs/cga/member/1.php:2)...
You can start Session.auto_start=1 in php.ini, so that you don't need to call Session_start() every time before using Session. But there are some limitations to enabling this option. If Session.auto_start is indeed enabled, you cannot put objects into the session because the class definition must be loaded before starting the session to recreate the object in the session.
All registered variables will be serialized after the request is completed. Variables that are registered but not defined are marked as undefined. These variables are also not defined by the session module on subsequent accesses unless the user later defines them.
Some types of data cannot be serialized and therefore cannot be saved in the session. Including resource variables or objects with circular references (that is, an object passes a reference to itself to another object).