如何为会话cookie生成密钥以及何时需要它?
Excerpt from http://php.about.com/od/advancedphp/ss/php_sessions.htm:
So how will it know it's me? Most sessions set a cookie on your computer to uses as a key... it will look something like this: 350401be75bbb0fafd3d912a1a1d5e54.
My question is, in PHP, how to generate a key (e.g., 350401be75bbb0fafd3d912a1a1d5e54) for a session cookie?
And when do we need such a key? Why not just set $_SESSION['color']='red' in the first page and retrieve in the second page with $_SESSION['color']?
摘自 http://php.about.com/od/advancedphp/ss/php_sessions.htm : p>
那怎么会知道它是我? 大多数会话在您的计算机上设置一个cookie用作键......它看起来像这样:350401be75bbb0fafd3d912a1a1d5e54。 p> blockquote>
我的问题是,在PHP中,如何 为会话cookie生成密钥(例如,350401be75bbb0fafd3d912a1a1d5e54)? p>
我们何时需要这样的密钥? 为什么不在第一页中设置
$ _ SESSION ['color'] ='red' code>并使用$ _ SESSION ['color'] code>在第二页中检索? p> div>
how to generate a key (e.g., 350401be75bbb0fafd3d912a1a1d5e54) for a session cookie?
Just call session_start() for this. A key would be generated automatically
when do we need such a key?
when session starts, to distinguish one user from another
Why not just set $_SESSION['color']='red' in the first page and retrieve in the second page with $_SESSION['color']?
This is the way sessions works. You are encouraged to do it this way. Who says you can't do it?
When youu start a session in PHP using session_start it auto generates a session key.
Check the session section on the PHP manual http://www.php.net/manual/en/book.session.php
And when do we need such a key? Why not just set $_SESSION['color']='red'
in the first page and retrieve in the second page with $_SESSION['color']?
The key's a unique identifier for each user to your site. If everyone received the same session ID, then they'd all be sharing the same session ID. Think of what'd happen if your bank's website used the same key for everyone. The first person to log in would then have their account exposed to every other visitor.
You can store whatever you want in the $_SESSION array, but remember that if things were correctly configured, it's going to be a different array for every user, so only store whatever's "configurable" per-user. A color preference for a background, like your 'red' example is one. But don't store the name of your site, as that wouldn't differ for each user.