PHP $_SESSION 是服务器端还是本地? [英] PHP $_SESSION is server side or local?

问题描述

据我所知，会话仅存储在服务器端.会话的用户 ID(或会话 ID)存储在 cookie 或 url 中.因此，用户，即使他或她是超级黑客，也不能在本地更改我在网站上使用的任何 $_SESSION 变量，除了会话 ID 或用户 ID?

As I understand it a session is stored on the server side only. User id (or session id) for the session is stored in a cookie or url. So, a user, even if he or she is a super hacker, cannot locally change any $_SESSION variables that I use on my site except the session id or the user id?

推荐答案

在大多数设置中，会话的数据存储在服务器上，其标识符存储在 cookie 中.如果您还没有使用过设置或自定义会话处理程序，这将是适合您的方式.

In most setups, the session's data is stored on the server and its identifier is stored in a cookie. If you haven't played around with settings or custom session handlers, this will be how it is for you.

这篇关于PHP $_SESSION 是服务器端还是本地?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！