What are sessions and cookies in php and where are they stored?
What开发者_StackOverflow社区 are sessions and cookies in php and where are they stored?
I searched but I can't find the exact answer.
HTTP is stateless. This means whenever you request something from a webserver, it will serve the requested page and forget you immediately.
Imagine a shopping cart:
You add something to the cart. The server will have some sort of data storage to remember that you put item X into the cart, but since HTTP is stateless, the next time you call the server, it won't remember it was you who put something into the cart. The webserver could create a form on the returned page and populate this with each and every item you added. Now you add another item, but also send, which item you already had added. Repeat. This is effectively transfering the entire state of your interaction on each and every request. But that's rather inefficient and insecure.
With Sessions enabled, the webserver will create a unique id, the so called Session ID for you. This will be used to link you and the cart on subsequent requests. Usually, the Session ID is sent to the browser in a Cookie. Technically, this happens through HTTP Headers:
Set-Cookie: PHP_SESS=abcdefg123456
The browser reads the headers and creates or updates the cookie file in the cookie storage inside the browser. Usually cookie files are nothing more but key/value stores in text files on your computer. If you want to have a look at them google for "where does [browsername] store my cookies".
On the next request to the same webserver, your browser will send the cookie along and the webserver is now able to associate this ID with some data store (whatever is set as the session save handler) on the server, for instance login information, the contents of a shopping cart, etc
See the reference to the PHP Manual I've linked below your question for further details.
Cookies are stored in the browser, not in PHP. You can get the cookies the browser sent by looking in $_COOKIE['cookiename']
, but as far as i know you can't set cookies like that -- you need to use setCookie()
, or possibly header('Set-cookie: ...')
.
The sessions can be stored anywhere, but they're most often just files on your server's filesystem; your php.ini
(or the ini_get()
function) would probably be helpful in finding out where. Try:
$session_file_name = ini_get('session.save_path')."/sess_".session_id();
A cookie is some piece of data the server requests the client to store and send in consequent requests.
A session is some data stored on the server, and connected to the user via a session id. This session id is most of the time stored in a cookie.
A session can be stored on the filesystem, most likely in a temp directory, but also in a database.
Both cookies and sessions have a expiration date connected to them, so they wont last forever.
Cookie is a small piece of data stored on the client-side(browser) and session is a text file stored on the server-side, whose name is stored in the cookie.
That's all.
精彩评论