參考:
(一)session
session: a period of time that is spent doing a particular activity. 做某一項(xiàng)具體活動(dòng)所花費(fèi)的一段時(shí)間
網(wǎng)上所見一般譯為:會(huì)話
通過為每個(gè)獨(dú)立用戶分配唯一的會(huì)話 ID,可以實(shí)現(xiàn)針對(duì)不同用戶分別存儲(chǔ)數(shù)據(jù)的功能谈秫。 會(huì)話通常被用來在++多個(gè)頁面請(qǐng)求之間++保存及共享信息更米。
一般來說,會(huì)話 ID 通過 cookie 的方式發(fā)送到瀏覽器镶蹋,并且在服務(wù)器端也是通過會(huì)話 ID 來取回會(huì)話中的數(shù)據(jù)邦邦。 如果請(qǐng)求中不包含會(huì)話 ID 信息及舍,那么 PHP 就會(huì)創(chuàng)建一個(gè)新的會(huì)話贤徒,并為新創(chuàng)建的會(huì)話分配新的 ID芹壕。
會(huì)話的工作流程很簡(jiǎn)單。當(dāng)開始一個(gè)會(huì)話時(shí)接奈,PHP 會(huì)嘗試從請(qǐng)求中查找會(huì)話 ID (通常通過會(huì)話 cookie)踢涌, 如果請(qǐng)求中不包含會(huì)話 ID 信息,PHP 就會(huì)創(chuàng)建一個(gè)新的會(huì)話序宦。 會(huì)話開始之后睁壁,PHP 就會(huì)將會(huì)話中的數(shù)據(jù)設(shè)置到 $_SESSION 變量中。 當(dāng) PHP 停止的時(shí)候挨厚,它會(huì)自動(dòng)讀取 $_SESSION 中的內(nèi)容堡僻,并將其進(jìn)行序列化, 然后發(fā)送給會(huì)話保存管理器器來進(jìn)行保存疫剃。
可以通過調(diào)用函數(shù) session_start() 來手動(dòng)開始一個(gè)會(huì)話;如果配置項(xiàng) session.auto_start 設(shè)置為1硼讽, 那么請(qǐng)求開始的時(shí)候巢价,會(huì)話會(huì)自動(dòng)開始。
PHP 腳本執(zhí)行完畢之后拙已,會(huì)話會(huì)自動(dòng)關(guān)閉吼过。 同時(shí),也可以通過調(diào)用函數(shù) session_write_close() 來手動(dòng)關(guān)閉會(huì)話其做。
(二)session 函數(shù)
-
session_start —— 開始一個(gè)新的會(huì)話碉克,或 resume(重新開始凌唬?/繼續(xù)?但按使用經(jīng)驗(yàn)來看漏麦,應(yīng)該翻譯為“繼續(xù)”比較符合本意)已存在的會(huì)話
Start new or resume existing session
session_start() 可以創(chuàng)建一個(gè)會(huì)話客税,或者基于通過 GET/POST 請(qǐng)求或 cookie 傳遞的會(huì)話標(biāo)識(shí)符來繼續(xù)當(dāng)前的會(huì)話。
-
session_destroy —— 銷毀一個(gè) session 中的所有數(shù)據(jù)
Destroys all data registered to a session
session_destroy()
destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again,session_start()
has to be called.(session_destroy()
會(huì)銷毀(destroy)所有與當(dāng)前會(huì)話相關(guān)的數(shù)據(jù)撕贞。它不會(huì) unset 任何與會(huì)話相關(guān)的全局變量更耻,也不會(huì) unset 會(huì)話 cookie。要再次使用會(huì)話變量捏膨,必須調(diào)用session_start()
)秧均。In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.(為了徹底銷毀會(huì)話(比如是用戶退出登錄),必須同時(shí)重置/注銷(unset)會(huì)話 ID号涯。如果是通過 cookie 傳送會(huì)話 ID 的目胡,那么客戶端的會(huì)話 cookie 也必須刪除(可以用 setcookie()來刪除會(huì)話 cookie))。
Example: Destroying a session with
$_SESSION
<?php // Initialize the session. // If you are using session_name("something"), don't forget it now! session_start(); // Unset all of the session variables. $_SESSION = array(); // If it's desired to kill the session, also delete the session cookie. // Note: This will destroy the session, and not just the session data! if (ini_get("session.use_cookies")) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); } // Finally, destroy the session. session_destroy(); ?>
-
session_unset —— 釋放所有會(huì)話變量
Free all session variables
The difference between both
session_unset
andsession_destroy
is as follows:
session_unset
just clears out the session for usage. The session is still on the users computer. Note that by usingsession_unset
, the variable still exists. session_unset just remove all session variables. it does not destroy the session....so the session would still be active. -
session_abort —— 拋棄 session 數(shù)組的改動(dòng)并結(jié)束會(huì)話
Discard session array changes and finish session
-
session_reset —— 用原始值來 重新初始化 session 數(shù)組(用來回滾到之前保存的值链快?)
session_reset()
reinitializes a session with original values stored in session storage. This function requires an active session and discards changes in $_SESSION. -
session_cache_expire —— 返回目前的緩存到期時(shí)間
Return current cache expire(Returns the current setting of session.cache_expire(在 session.cache_expire 中讶隐,單位為:分鐘,默認(rèn)值為 180))
The manual probably doesn't stress this enough: This has nothing to do with lifetime of a session.
Whatever you set this setting to, it won't change how long sessions live on your server.
This only changes HTTP cache expiration time (Expires: and Cache-Control: max-age headers), which advise browser for how long it can keep pages cached in user's cache without having to reload them from the server.
-
session_cache_limiter —— 獲取/設(shè)置當(dāng)前的 cache limiter
Get and/or set the current cache limiter
The cache limiter defines which cache control HTTP headers are sent to the client. These headers determine the rules by which the page content may be cached by the client and intermediate proxies.
Setting the cache limiter to
nocache
disallows any client/proxy caching.A value of
public
permits caching by proxies and the client, whereas private disallows caching by proxies and permits the client to cache the contents.In
private
mode, the Expire header sent to the client may cause confusion for some browsers, including Mozilla.You can avoid this problem by using
private_no_expire
mode. The Expire header is never sent to the client in this mode.Setting the cache limiter to
''
will turn off automatic sending of cache headers entirely.值 發(fā)送的響應(yīng)頭 public (1)Expires:(根據(jù) session.cache_expire 的設(shè)定計(jì)算得出)久又;(2)Cache-Control: public, max-age=(根據(jù) session.cache_expire 的設(shè)定計(jì)算得出)巫延;(3)Last-Modified:(會(huì)話最后保存時(shí)間) private_no_expire (1)Cache-Control: private, max-age=(根據(jù) session.cache_expire 的設(shè)定計(jì)算得出), pre-check=(根據(jù) session.cache_expire 的設(shè)定計(jì)算得出);(2)Last-Modified: (會(huì)話最后保存時(shí)間) private (1)Expires: Thu, 19 Nov 1981 08:52:00 GMT地消;(2)Cache-Control: private, max-age=(根據(jù) session.cache_expire 的設(shè)定計(jì)算得出), pre-check=(根據(jù) session.cache_expire 的設(shè)定計(jì)算得出)炉峰;(3)Last-Modified: (會(huì)話最后保存時(shí)間) nocache (1)Expires: Thu, 19 Nov 1981 08:52:00 GMT;(2)Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0脉执;(3)Pragma: no-cache -
session_encode —— 編碼當(dāng)前 session 數(shù)據(jù)
Encodes the current session data as a session encoded string
session_encode()
返回一個(gè)序列化后的字符串疼阔,包含被編碼的、儲(chǔ)存于$_SESSION
超全局變量中的當(dāng)前會(huì)話數(shù)據(jù)半夷。請(qǐng)注意婆廊,序列方法 和
serialize()
是不一樣的。 該序列方法是內(nèi)置于 PHP 的巫橄,能夠通過設(shè)置session.serialize_handler
來設(shè)置淘邻。// session_encode() just return the session dataset in a formatted form session_start(); $_SESSION['login_ok'] = true; $_SESSION['nome'] = 'sica'; $_SESSION['inteiro'] = 34; echo session_encode(); //this code will print //login_ok|b:1;nome|s:4:"sica";inteiro|i:34;
-
session_decode —— 解碼 session 數(shù)據(jù)
Decodes session data from a session encoded string
-
session_get_cookie_params —— 獲取會(huì)話的 cookie 參數(shù),返回值為數(shù)組
Get the session cookie parameters
Returns an array with the current session cookie information, the array contains the following items:
- "lifetime" - The lifetime of the cookie in seconds.
- "path" - The path where information is stored.
- "domain" - The domain of the cookie.
- "secure" - The cookie should only be sent over secure connections.
- "httponly" - The cookie can only be accessed through the HTTP protocol.
-
session_set_cookie_params —— 設(shè)置會(huì)話的cookie 參數(shù)
Set the session cookie parameters
-
session_module_name —— 獲取/設(shè)置當(dāng)前的會(huì)話模塊(名稱)(這里的 module 到底是什么湘换,官方文檔也語焉不詳宾舅,但可以參考一下官方文檔下的用戶評(píng)論)
Get and/or set the current session module
-
session_name —— 獲取/設(shè)置當(dāng)前會(huì)話的名稱
Get and/or set the current session name
string session_name ([ string $name ] )
Returns the name of the current session. If$name
is given and function updates the session name, name of the old session is returned. -
session_id —— 獲取/設(shè)置當(dāng)前會(huì)話的 id
Get and/or set the current session id
-
session_regenerate_id —— 用新生成的會(huì)話 id 來更新當(dāng)前的會(huì)話 id
Update the current session id with a newly generated one
session_regenerate_id()
will replace the current session id with a new one, and keep the current session information.When
session.use_trans_sid
is enabled, output must be started aftersession_regenerate_id()
call. Otherwise, old session ID is used. -
session_status —— 返回當(dāng)前會(huì)話的狀態(tài)
Returns the current session status
- PHP_SESSION_DISABLED if sessions are disabled.
- PHP_SESSION_NONE if sessions are enabled, but none exists.
- PHP_SESSION_ACTIVE if sessions are enabled, and one exists.
-
session_register_shutdown —— 這個(gè)函數(shù)用來關(guān)閉會(huì)話
Session shutdown function.Registers
session_write_close()
as a shutdown function. -
session_save_path —— 獲取/設(shè)置當(dāng)前的會(huì)話保存路徑
Get and/or set the current session save path
-
session_set_save_handler —— 設(shè)置用戶級(jí)的會(huì)話存儲(chǔ)功能
Sets user-level session storage functions
-
session_write_close —— 寫入會(huì)話數(shù)據(jù)并結(jié)束會(huì)話
Write session data and end session
-
session_commit ——
session_write_close
函數(shù)的別名Alias of session_write_close
-
session_register —— 用當(dāng)前會(huì)話注冊(cè)一個(gè)或多個(gè)全局變量(This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.)Register one or more global variables with the current session
-
session_unregister —— 從當(dāng)前會(huì)話中注銷一個(gè)全局變量(This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.)Unregister a global variable from the current session
-
session_is_registered —— 檢查一個(gè)全局變量是否在會(huì)話中已經(jīng)被注冊(cè)(This function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.)Find out whether a global variable is registered in a session
(三)預(yù)定義常量
下列常量由 sessions 擴(kuò)展定義统阿,且僅在此擴(kuò)展編譯入 PHP 或在運(yùn)行時(shí)動(dòng)態(tài)載入時(shí)可用。
- SID (string)
包含著**會(huì)話名稱以及會(huì)話 ID **的常量筹我,格式為 "name=ID"扶平,或者如果會(huì)話 ID 已經(jīng)在適當(dāng)?shù)臅?huì)話 cookie 中設(shè)定時(shí)則為空字符串。 這和
session_id()
返回的是同一個(gè) ID蔬蕊。 - PHP_SESSION_DISABLED (int)
自 PHP 5.4.0 起结澄。如果會(huì)話已禁用則返回
session_status()
的值。 - PHP_SESSION_NONE (int)
自 PHP 5.4.0 起岸夯。在會(huì)話已啟用但是沒有會(huì)話的時(shí)候返回
session_status()
的值麻献。 - PHP_SESSION_ACTIVE (int)
自 PHP 5.4.0 起。在一個(gè)會(huì)話已啟用并存在時(shí)返回
session_status()
的值囱修。