dongya2030 2014-04-25 14:48

CodeIgniter session table structure

I would like to understand why CI's session table structure has these three primary keys: session_id, ip_address and user_agent.

CREATE TABLE IF NOT EXISTS  `ci_sessions` (
        session_id varchar(40) DEFAULT '0' NOT NULL,
        ip_address varchar(45) DEFAULT '0' NOT NULL,
        user_agent varchar(120) NOT NULL,
        last_activity int(10) unsigned DEFAULT 0 NOT NULL,
        user_data text NOT NULL,
        PRIMARY KEY (session_id, ip_address, user_agent),
        KEY `last_activity_idx` (`last_activity`)
);

Please explain as much as you can. Also, I would like to hear suggestions to improve this structure. Why are ip_address and user_agent primary keys, not just indexes? What's the difference?

One more piece of information: this table adds a row to every user's access to the system, so, it is very bloated.

Edit: Another question that comes to mind. Why would I care about user agent match?

2 answers

  • dongsu3654 2014-04-25 14:58

    The idea here is that each session will be unique. How does it identify a session? By the three values in the primary key: session_id, ip_address, and user_agent.

    If you think about it, this makes sense:

    1. If the session_id changes, then (obviously) you're dealing with a different (new) session.
    2. If the ip_address changes, then somebody's logging in from a different PC - this will be a new session.
    3. If the user_agent value changes, then somebody's using a different browser - again, this will be a new session.

    So imagine that only the session_id is the primary key: changing either ip_address or user_agent would simply update the existing row for the session_id. If that were the case, knowing only the session_id would make it possible for me to continue the same session on another PC or with a different browser, which might be a security concern.

    You also wrote "this table adds a row to every user's access to the system, so, it is very bloated". I'm not sure if you mean every time user A accesses the system it adds a row (which is false on my application, I just tested it) or if you mean it adds a row for each user accessing the system (which is true, and the way it's supposed to work - each user using the system has a session). Maybe you could clarify that last comment.

    This answer was selected by the asker as the best answer.
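
The session binding described in the answer above, as an added example that is not part of the original answer and is not CodeIgniter's own code. It recreates the question's table in SQLite (an assumption, the original is MySQL); `add_session` and `find_session` are hypothetical helpers that compare a lookup bound to IP address and user agent with one keyed on session_id alone.

```python
import sqlite3

# Schema from the question, adapted to SQLite syntax (an assumption made so the
# example runs offline; the original is MySQL).
SCHEMA = """
CREATE TABLE ci_sessions (
    session_id    TEXT    NOT NULL DEFAULT '0',
    ip_address    TEXT    NOT NULL DEFAULT '0',
    user_agent    TEXT    NOT NULL,
    last_activity INTEGER NOT NULL DEFAULT 0,
    user_data     TEXT    NOT NULL,
    PRIMARY KEY (session_id, ip_address, user_agent)
);
CREATE INDEX last_activity_idx ON ci_sessions (last_activity);
"""

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def add_session(db, sid, ip, ua, data=""):
    """Insert a row; returns False if the (sid, ip, ua) triple already exists."""
    try:
        with db:
            db.execute("INSERT INTO ci_sessions VALUES (?, ?, ?, 0, ?)", (sid, ip, ua, data))
        return True
    except sqlite3.IntegrityError:
        return False

def find_session(db, sid, ip, ua, bind_client=True):
    """Hypothetical lookup: with bind_client the session id alone is not enough."""
    sql, args = "SELECT user_data FROM ci_sessions WHERE session_id = ?", [sid]
    if bind_client:
        sql += " AND ip_address = ? AND user_agent = ?"
        args += [ip, ua]
    row = db.execute(sql, args).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    # Constructed sample values (documentation IP ranges, made-up session id).
    sid, home, other = "a" * 40, ("192.0.2.10", "Firefox"), ("198.51.100.7", "Chrome")
    add_session(db, sid, *home, data="user=alice")
    print(find_session(db, sid, *home))                      # owner's client
    print(find_session(db, sid, *other))                     # same id, other client
    print(find_session(db, sid, *other, bind_client=False))  # id-only lookup
```

The bound lookup returns nothing for the second client, while the id-only lookup hands the same session data to whoever presents the session_id.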