dongyu3659 2017-02-22 09:59
浏览 39
已采纳

PHP会话 - 几个问题

I am using PHP sessions to store tracking data across my pages for my site. The session is started with session_start();

By the way - this is not a login script. I am tracking the first page the user entered on, the date/time and a few other variables.

I store the information in a database, and finally redirect the user to a page using:

header("Location: ".$URLHERE);
exit(); 

A few questions about using sessions:

  1. As I am not explicity closing the session after the redirect, does PHP delete session variables from disk - or do I have to handle this myself?

(I am concerned about datafiles building up on my Apache server)

  1. Are there any security issues with PHP sessions? This isn't a login, but my scripts do rely on session variables to track information about that unqiue visit.

Thanks :)

  • 写回答

3条回答 默认 最新

  • doupeng5320 2017-02-22 10:12
    关注
    1. No, the session garbage collection is managed by the system, based on the session.gc_maxlifetime property of php.ini. As your PHP script is run on a per-request basis, calling session_destroy() would involve the lost of data you got about the user at the end of each request.

    2. No security problem with php sessions, only risk is the cookie being stolen by an attacker, but you can avoid that requiring https.

    Note that you can also do this without the session, but using the cookie API.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥60 请查询全国几个煤炭大省近十年的煤炭铁路及公路的货物周转量
  • ¥15 请帮我看看我这道c语言题到底漏了哪种情况吧!
  • ¥66 如何制作支付宝扫码跳转到发红包界面
  • ¥15 pnpm 下载element-plus
  • ¥15 解决编写PyDracula时遇到的问题
  • ¥15 有没有人能解决下这个问题吗,本人不会编程
  • ¥15 plotBAPC画图出错
  • ¥30 关于#opencv#的问题:使用大疆无人机拍摄水稻田间图像,拼接成tif图片,用什么方法可以识别并框选出水稻作物行
  • ¥15 Python卡尔曼滤波融合
  • ¥20 iOS绕地区网络检测