stackoom
  简体   繁体   中英

Zend_Session where is the cookie?

 原文  2012-02-29 19:55:53       php/ zend-framework/ session/ session-cookies

Question

i'm using Zend_Session::start() on each request because I need to save the values ​​between the various requests (for example user and password for re-use it in future access to db).

I would like to know if the cookie is created when i use Zend_Session::start(), and most importantly where I can see the path where is stored (both server and client).

I read that in fact the use of sessions involves the creation of a cookie but I'm not sure if the same is true with the Zend_Session seen that there is also Zend_Http_Cookie

3 answers

solution1
 2  2012-02-29 20:01:12

All sessions need some way for the client to authenticate against.

Meaning, the server will give the client a key (or a session ID), usually in the form of a cookie, and link (internally, on the server-side) the session variables to that ID.

When the client sends a request, it also sends the session ID with the cookies, which allows the server to fetch the variables associated with that ID, and allow use by the programmer.

The path of the cookies changes per browser.

That means that the client only has the ID , the client does not know what is in the session variables, he cannot see them.

Now I don't know Zend very well, but I assume that Zend_Session is for sessions, while Zend_Http_Cookie is for an actual cookie (where the value of the variable itself is stored in the cookie). Do not store critical information in a cookie, as it is easily readable and changable.

solution2
 2 ACCPTED  2012-02-29 20:06:30

Zend_Session extends the standard PHP session functionality, so yes starting a session sets a cookie. Where the session data is stored depends on your configuration, by default the data is stored in files, the location of which is controlled by the config value session.save_path .

You wouldn't typically store the password in the session - once a user has been authenticated you might store just the username in the session for later access. Zend_Auth will handle all of this for you if you are using that component.

Forget about Zend_Http_Cookie, it has nothing to do with user cookies.

solution3
 2  2012-02-29 20:09:25

From Zend_Session documentation :

Zend_Session uses the normal PHP ext/session functions internally, all the familiar configuration options and settings apply (see http://www.php.net/session )

You may also configure some behaviors of Zend_Session using Zend_Session::setOptions() : 

Zend_Session::setOptions(array(
  'use_only_cookies' => 'on',
  'remember_me_seconds' => 864000
));

See also Zend_Session Advanced Usage

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Zend_Session problems Zend_Session in _init of bootstrap Unit testing Zend_Session Zend_Session uncaught exception Zend Framework - Zend_Session strange behavior Initialize Zend_Session with already started session PHPUnit output causing Zend_Session exceptions Zend_Session losing data … but why? Isolating Zend_Session in PHPUnit tests persisted login with Zend_Session::rememberMe
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM