为什么我们实际上在 PHP 中使用 session_id 和 session_name 我知道这是出于安全目的但没有得到清晰的图片有人给我一些指导或建议....?请
问问题
936 次
2 回答
0
1)Sessions work by creating a unique id (UID) for each visitor and store variables based on this UID.
2)Session store value in server so in server all data are unique for each other.
于 2013-04-06T07:00:13.007 回答
0
There is not any major difference behind this though, you can use session_id and/or session_name, they are used to store id and name respectively.
session_id and session_name are to get and set the current session ID and session ID name (default is PHPSESSID). session_regenerate_id can be used to regenerate/change the session ID of the current session. This might be useful if, for example, you want to refresh the session ID every 10 minutes or after changing the state of authenticity of a user associated with a session.
The format of a Session Id is AFAIK unique to each and every vendor.
Session Ids have the possibility to be reused though. If the session on machine A times out then that id could be regenerated for machine B. One this that should be true, however, is that not 2 distinct sessions, whether from different browser sessions on a single machine or different machines, should have the same session Id at the same point in time.
To get a handle on how it 'could' be implemented why not take a look at the Tomcat source code/documentation and havea look at how it handles sessions ? http://jakarta.apache.org/tomcat/index.html
于 2013-04-06T07:04:57.813 回答