php cookie 和session详解

    先说cookie的用法。

 setcookie(name,value,int expire); 

  创建cookie，名字，值，过期时间一般是time()+(60*60*3) ，单位second

 

$_cookie['name']  //使用cookie

 

删除cookie，只要设置为过期就可以了

setcookie(name,value,time()-3600);

设置时间为过去的任何一个时候即可。

 

cookie是保存在客户端的，能够永久持续的，只要不过期。但是有些人设置浏览器禁用cookie，这是，application的功能对这些人可能不友好。

 

 

session是存储在服务器上的，浏览器不影响session的存储。因为存储在服务器端，所以session跟cookie相比更加安全和可信(secure and reliable).

session变量一旦会话结束后会自动销毁。

<?php

1. 开始一个session。 start a session

   session_start();  

 

2.   新建session变量

  $_SESSION['name']=value  

 

3，删除session变量。有两种变法

  1.unset($_SESSION['name']);  // 依次删除

  2.$_session=array() //删除所有的变量

 

4如果存在session的cookie，就删除

 if(isset($_COOKIE[session_name()])

{  setcookie(session_name(),' ', time()-3600);

}

setcookie(session_name(), '', time()-86400, '/');

 session在使用时可能会临时产生一个cookie来存储session id，session id是独一无二代表这个session的。 

This uses the function session_name() to get the name of the session dynamically, and
resets the session cookie to an empty string and to expire 24 hours ago (86400 is the number
of seconds in a day). The final argument ('/') applies the cookie to the whole domain

5.session_destroy(); 

 注意这个函数不删除任何变量，仅仅是关闭session。

<?php

// If the user is logged in, delete the session vars to log them out

session_start();

if (isset($_SESSION[‘user_id’]) ) {

// Delete the session vars by clearing the $_SESSION array

$_SESSION = array();

// Delete the session cookie by setting its expiration to an hour ago (3600)

s

if (isset($_COOKIE[session_name()])) {

etcookie(session_name(), ‘’, time() - 3600);

}

// Destroy the session

session_destroy();

}

// Redirect to the home page

$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';

header('Location: ' . $home_url);

?>

 

session官网解释如下：

session_start — Initialize session data

Report a bug

 Description

bool session_start ( void )

session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.

To use a named session, call session_name() before calling session_start().

When session.use_trans_sid is enabled, the session_start() function will register an internal output handler for URL rewriting.

If a user uses ob_gzhandler or similar with ob_start(), the function order is important for proper output. For example, ob_gzhandler must be registered before starting the session.

Report a bug

 Return Values

This function returns TRUE if a session was successfully started, otherwise FALSE.

 

Note:

To use cookie-based sessions, session_start() must be called before outputing anything to the browser.

否则会有错误：

错误提示 
Warning: Cannot send session cookie - headers already sent 
Warning: Cannot send session cache limiter - headers already sent 

 

获取session的id值，

echo SID;

 

session_register()，此方法已经废弃 register . 登记；注册；记录one or more global vars with current session.

用法：
bool session_register ( mixed $name [, mixed $... ] )
<?php
// Use of session_register() is deprecated
$barney = "A big purple dinosaur.";
session_register("barney");

// Use of $_SESSION is preferred, as of PHP 4.1.0
$_SESSION["zim"] = "An invader from another planet.";

// The old way was to use $HTTP_SESSION_VARS
$HTTP_SESSION_VARS["spongebob"] = "He's got square pants.";
?>