PHP真正的SESSION对象
编辑:(已更新)
也许我的问题不够清楚。好吧,让我们这样说:
$arr["a"] = 10;
var_dump($arr);
$arr["b"] =& $arr["a"];
var_dump($arr);
第一个 var_dump 返回:
array
'a' => int 10
而第二个返回:
array
'a' => &int 10
'b' => &int 10
如果我 unset($arr["a"]) 它将返回:
array
'b' => int 10
规则是,当 2 个或更多时变量“指向”相同的内容 var_dump 将使用与字符 (&) 显示引用。
对于 $_SESSION,即使使用 register_long_arrays = Off $_SESSION 仍然显示引用。所以很明显其他变量也指向相同的内容。
换句话说,如果我取消设置($_SESSION),则仍有其他变量可以链接到。在上面的示例中,当我unset($arr["a"])时,如果我创建链接,我仍然可以恢复该内容,例如:$arr["z"] = & $arr["b"].
所以,我最初的问题是,有谁知道另一个变量是什么?这样的变量很可能不存在...但我想知道为什么 PHP 内部显示该引用。
谢谢
(原始问题:)
例如,当您在 PHP 中创建会话时:
session_start();
$_SESSION["name"] = "my name";
并使用以下命令转储 GLOBAL 变量:
var_dump($GLOBALS);
您将看到类似以下内容:
'HTTP_SESSION_VARS' => &
array
'name' => string 'my name' (length=7)
'_SESSION' => &
array
'name' => string 'my name' (length=7)
'HTTP_SERVER_VARS' =>
array
...
如您所见,变量 $GLOBAL[HTTP_SESSION_VARS] 和 $_SESSION 都是 对其他对象内容的引用...有人知道那个对象是哪个吗?
理论上,如果我取消设置这两个变量,一定可以访问该变量 内容……有什么线索吗?
谢谢你!
EDIT: (UPDATED)
Maybe my question was not clear enough. Ok, lets put it this way:
$arr["a"] = 10;
var_dump($arr);
$arr["b"] =& $arr["a"];
var_dump($arr);
the first var_dump returns:
array
'a' => int 10
While the second one returns:
array
'a' => &int 10
'b' => &int 10
If I unset($arr["a"]) it will return:
array
'b' => int 10
The rule is, when 2 or more variables "points" to the same content var_dump will display the reference with an ampersand character (&).
In the case of $_SESSION, even with register_long_arrays = Off $_SESSION still shows a reference. So it is obvious that other variable is also pointing to the same content.
In other words, if I unset($_SESSION) there is still other variable somewhere that can be linked to. In the above example, when I unset($arr["a"]) I can still recover that content if I create a link, something like: $arr["z"] =& $arr["b"].
So, my original question was, does anyone know WHICH is that other variable? It is very probable that such variable do not exists... but I was wondering why inside PHP shows that reference.
Thank you
(Original question:)
When you create a session in PHP, for example:
session_start();
$_SESSION["name"] = "my name";
and dump the GLOBAL variables with:
var_dump($GLOBALS);
you will see something like:
'HTTP_SESSION_VARS' => &
array
'name' => string 'my name' (length=7)
'_SESSION' => &
array
'name' => string 'my name' (length=7)
'HTTP_SERVER_VARS' =>
array
...
As you can see, both variables $GLOBAL[HTTP_SESSION_VARS] and $_SESSION are
references to other object's content... Do anyone knows which is that object?
In theory, if I unset both variables, somehow It must be possible to access that
content... any clue?
Thank you!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
$HTTP_SESSION_VARS是旧的,已弃用,$_SESSION的名称 - 您不应该再使用它。这些
$HTTP_*_VARS变量不一定被设置:只有在register_long_arrays配置指令已启用 - 并且使用最新版本的 PHP(即 PHP 5.3),它已被弃用。For instance, on my server, which is running PHP 5.3.2, the portion of code that you gave :
仅输出(在几次刷新之后,这解释了
PHPSESSIDcookie 的存在):没有任何
$HTTP_*_VARS变量的痕迹:register_long_arrays配置指令已禁用。$HTTP_SESSION_VARSis the old, deprecated, name for$_SESSION-- you should not use that anymore.Those
$HTTP_*_VARSvariables are not necessarily set : they will only be if theregister_long_arraysconfiguration directive is enabled -- and, with recent versions of PHP (i.e. PHP 5.3), it has been deprecated.For instance, on my server, which is running PHP 5.3.2, the portion of code that you gave :
Only outputs (after a couple of refresh, which explains the presence of the
PHPSESSIDcookie) :No trace of any
$HTTP_*_VARSvariable : theregister_long_arraysconfiguration directive is disabled.HTTP_SESSION_VARS不是为了向后兼容吗?
Isn't HTTP_SESSION_VARS for backward compatibility?
它是存储在会话文件中的数据数组,会话文件是存储在服务器上的实际临时文件。就像它们都指向的那样,它是一个数组,没有“Session”对象。当您运行
session_start时,这些值会被填充,它基本上根据该用户的 PHPSESSID cookie 从文件中加载数据。It's an array of data that is stored in the session file, which is an actual temporary file stored on the server. Like both of them point to, it's an array, there is no 'Session' object. Those values are filled in when you run
session_startwhich basically loads the data from the file based on the PHPSESSID cookie for that user.好吧,在 PHP 5 中,保留
$HTTP_SESSION_VARS只是出于兼容性原因。强烈建议您改用$_SESSION。来自 PHP 手册:编辑
你说你“已经知道了”!?那你的问题是什么?
$_SESSION不是一个对象,毕竟它是一个 ARRAY,一个超全局变量。没有方法,没有成员。您可以像访问任何其他数组一样访问它的值:$_SESSION['key']。您可以编写自己的 Session 类来封装 PHP 的会话管理。使用 session_set_save_handler 方法绕过内置会话管理并实现自己的逻辑。
问候。
Well, in PHP 5
$HTTP_SESSION_VARSis kept for compatibility reasons only. You are strongly encouraged to use$_SESSIONinstead. From the PHP manual:EDIT
You say you "already know that"!? What's your question then?
$_SESSIONis NOT an object, after all, it's an ARRAY, a superglobal variable. No methods, no members. You can access it's values like you would with any other array:$_SESSION['key'].You could write your own Session class that wraps around PHP's session management. Use the session_set_save_handler method to bypass the built in session management and implement your own logic.
Regards.