Web服务器何时清除PHP会话标识符？ [英] When does a web server clear the PHP session identifier?

问题描述

背景：

我想写一个脚本，定期连接到Web服务器，特定页面已更改。我已经得到这个工作使用bash（脚本），curl（实际连接）和crontab（计划）的组合。

由于服务器需要身份验证，我首先使用curl在登录页面上使用我的凭据执行POST请求，并保存了cookie文件（包含PHPSESSID）。现在我可以使用cookie文件，当我要检查的实际网页的请求。

问题：

1. p>服务器何时清除我的第一个请求设置的PHPSESSID？




2. 如果PHPSESSID被清除，那么它会崩溃，因为它保存了所有已经启动的每个会话的信息。关闭浏览器是有一些方法，我可以模拟，即使使用curl？

解决方案

p>比它清除时更复杂一点

一个会话在PHP中有一个生命周期。默认值为24分钟。这意味着在您连接到网站后，您的会话才有效，直到

• 您关闭浏览器




• 24分钟后，您可以使用cURL来模拟Cookie。

  
  
  

  每次加载页面并且服务器调用 session_start（）时， 那么到期时间会再碰到24分钟（从技术上讲，在调用 session_start（）的页面上，脚本执行结束时实际上会碰到24分钟）。

  当该cookie实际到期时，您的会话不再有效，并且 $ _ SESSION 在服务器端将为空。 但您的数据仍在服务器上，直到服务器执行会话垃圾收集周期以清除过期会话，这取决于服务器上使用的会话处理程序，可能会或可能不会实际上删除您的数据。例如，银行可能会将数据发送到存档服务器，以备他们需要这些记录。

  
  

  Background:

  I am trying to write a script that connects on a regular basis to a web server and checks if some information on a specific page was changed. I already got this working using a combination of bash (for scripting), curl (for the actual connection) and crontab (for the scheduling).

  Since the server requires authentication, I first used curl to do a POST request on the login page with my credentials and saved the cookie file (containing the PHPSESSID). Now i can use the cookie file when doing the request for the actual web page I want to check.

  Question(s):

  1. When does the server actually clear the PHPSESSID i set with my first request? I imagine it must do this sometime, otherwise it would crash because it keeps storing information about every single session that was ever started.

  2. If the PHPSESSID is cleared on closing the browser is there some way i can simulate that even using curl?

  解决方案

  It's a little more complicated than just "when it's cleared"

  A session has a lifetime in PHP. The default is 24 minutes. That means that after you connect to a website, your session is valid until

  • You close the browser (which won't be simulated with cURL unless you just drop the cookies)

    OR

  • 24 minutes pass

  Each time you load a page and the server calls session_start() that expiration time will be bumped an additional 24 minutes (technically speaking it's actually bumped 24 minutes at the end of the script execution on pages where session_start() is called).

  When that cookie actually expires, your session is no longer valid, and $_SESSION will be empty on the server side. But your data is still on the server until the next time that the server performs a session garbage collection cycle to clear out expired sessions which, depending on the session handler in use on the server, may or may not actually delete your data. A bank, for example, might send the data off to an archive server in case they ever need the records.

  这篇关于Web服务器何时清除PHP会话标识符？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！