stackoom
  简体   繁体   中英

How does PHP set the PHPSESSID into $_COOKIE superglobal variable without using the function setcookie() or setrawcookie()?

 原文  2017-10-11 15:19:56       php/ session/ cookies/ session-cookies/ setcookie

Question

I'm learning PHP's most important and difficult to understand concepts viz. "Session and Cookies"

As per my understanding cookies can only be set into the browser by using either of setcookie() or setrawcookie() functions.

As per my understanding of session process, it works in following way.

  • Every session is started by using the session_start( ) function.
  • The session_start( ) function must come before any HTML, including blank lines, on the page.
  • The session_start( ) function generates a random Session Id and stores it in a cookie on the user's computer (this is the only session information that is actually stored on the client side.)
  • The default name for the cookie is PHPSESSID . To reference the session Id in my PHP code, I would therefore reference the variable $PHPSESSID (it's a cookie name)

Please correct me if my understanding is wrong anywhere in above explanation.

My doubt is as session is setting some value in $_COOKIE superglobal it's nowhere using any of the functions setcookie() or setrawcookie() then still how could session id gets stored as a cookie variable?

If I assume that the session id is set as a cookie variable and setccookie() or setrawcookie() might have been called internally then what are the parameter values set while calling either of the functions setccookie() or setrawcookie() to set the cookie value?

Thank You.

1 answers

solution1
 5 ACCPTED  2017-10-11 15:30:32

The default name for the cookie is PHPSESSID . To reference the session Id in my PHP code, I would therefore reference the variable $PHPSESSID

No, it is just the name of the cookie, it will not be set as a global variable. You can access the value in $_COOKIE['PHPSESSID'] . But really, this should not concern you at all, you should only use the session_* functions and the $_SESSION superglobal to interact with PHP's session API, the underlying cookie being used is none of your concern for most intents and purposes.

… it's nowhere using any of the functions setcookie() or setrawcookie()

If I assume that the session id is set as a cookie variable and setccookie() or setrawcookie() might have been called internally …

Yes, PHP is calling some functions internally that will set the cookies. It's probably neither setcookie nor setrawcookie but some internal C function that sets the cookie. Again, it's none of your concern really. You just need to understand that calling session_start will somehow internally cause a cookie to be set.

… then what are the parameter values set while calling either of the functions setccookie() or setrawcookie() to set the cookie value?

Those are determined by the various session.cookie_* parameters you can set via session_set_cookie_params or ini_set .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP cookie superglobal does not seem to be set Why does this PHP setcookie() argument not set a cookie? setcookie() does not set cookie Setcookie does not set a cookie Setting cookie using header(“Set-cookie”) vs setcookie() function setcookie() does not set cookie locally Detecting a cookie set using setcookie without a page reload Cookies not set using PHP setcookie function How to set multiple cookies with PHP setcookie function Set httpOnly and secure on PHPSESSID cookie in PHP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM