(dis) session vs cookie 的优点 [英] (dis)advantages of sessions vs cookies
问题描述
我需要一些有关会话的详细信息.会话变量的缺点是什么?Cookie 和会话,哪个更好?
I need some details about sessions. What are the disadvantages of session variables? Between cookies and sessions, which one is better?
推荐答案
我不打算在这里谈安全性,因为 Infotekka 已经深入探讨了.您似乎在问是否应该使用 SESSION 或 COOKIE,就好像它们是彼此的替代品一样.
I'm not going to touch on security here as Infotekka already went into it quite a bit. It seems like you are asking whether you should use a SESSION or COOKIE as if they are alternatives to one another.
他们不是.他们的服务器(这是一个错字......但我将其保留,因为这是一个很好的双关语)不同的目的.
They are not. They server (this was a typo..but I'm leaving it cuz it's a nice pun) different purposes.
由于 HTTP 是无状态的,PHP(和其他)提供了通过使用会话在您的应用程序中模拟状态机的能力.如果你不这样做,你将不得不在每个页面之间使用 POST/GET 来保持数据一致,如果用户自己转到另一个页面,数据就会丢失!因此,如果没有 SESSION,您将无法让用户登录到您的网站......至少不是非常一致.
As HTTP is stateless, PHP (and others) offer the ability to simulate a state machine in your application through the use of a Session. If you did not do this, you would have to use POST/GET between every page to keep the data consistent, and if the user goes to another page on their own that data will be lost! So without a SESSION, you wouldn't be able to have a user logged in to your site .. at least not very consistently.
总而言之,SESSION 用于在您网站的多个页面之间保留数据,而不使用 HTTP 很长一段时间.这就是它的用途.
To summarize, SESSION is used to keep data between multiple pages of your site without using HTTP for an extended period of time. That's what it is used for.
我想你可以使用 COOKIE 来做到这一点,但它比 cookie 复杂得多,尤其是在处理序列化到会话的对象时.设置的 COOKIE 在下一个页面加载之前也无法访问,并且必须在脚本的任何输出之前设置(就像任何其他标题一样).
I suppose you could use COOKIE to do this, but it is much more complicated as cookie, especially when dealing with objects serialized to the session. COOKIEs that are set also cannot be accessed until the next page load and must be set before any output by the script (like any other header).
会话应该就是这样——用户在他们的电脑前坐下在网站上工作多久时所拥有的会话.离开时,会话结束.
Sessions should be just that -- the session that the user has when they sit down at their computer for however long to do work on the site. When the leave, the session ends.
Cookie 应该用于长期存储简单数据.如果他们经常访问该网站,他们可能希望自己的用户名被他们记住,因此可以将其存储为 cookie.请注意 Infotekka 指出的安全问题.
Cookies should be used to store simple data for a long period of time. If they go to the website a lot, they might want their username to be remembered for them, so it can be stored as a cookie. Just be mindful of the security issues noted by Infotekka.
最后,我应该补充一点,用户和浏览器之间的每个页面请求都会传输 COOKIE.更多的 Cookie 意味着更多的页面加载时间.
Finally, I should add that COOKIEs are transmitted on every page request between the user and browser. More Cookies means more page load time.
这篇关于(dis) session vs cookie 的优点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
