{"id":217,"date":"2009-12-22T16:45:30","date_gmt":"2009-12-22T16:45:30","guid":{"rendered":"http:\/\/dev001.dl\/yan\/wdp\/?p=217"},"modified":"2026-01-20T05:06:49","modified_gmt":"2026-01-20T05:06:49","slug":"php-session","status":"publish","type":"post","link":"http:\/\/www.lalife.net\/?p=217","title":{"rendered":"PHP session"},"content":{"rendered":"

Use both Session and cookie to keep security for the website<\/strong>
\n$_COOKIE[session_name()]
\nthe session name is stored as cookie, other variables are stored as session var<\/p>\n

auth.php<\/p>\n

<?php
\nsession_set_cookie_params(7200,’\/’,”,true);
\nsession_start();
\nif($_SESSION[‘auth’]!=’xxx’){
\nsession_destroy();
\nheader(“Location: .\/login.php\\n\\n”);
\nexit;
\n}else{
\n\/\/check fingerprint
\n$fp = $_SERVER[“HTTP_USER_AGENT”];
\n$fp .= $_SERVER[“REMOTE_ADDR”];<\/p>\n

$fp = md5($fp);
\nif($_SESSION[‘par’] != $fp){
\nheader(“Location: .\/login.php\\n\\n”);
\nexit;
\n}
\n}
\n?><\/p>\n

login.php
\ncheck if ID, pass are matched with those in db….then<\/p>\n

session_start();
\n$_SESSION[‘user_id’] = $uid;
\n$_SESSION[‘grp_id’] = $gid;
\n$_SESSION[‘auth’] = 1;<\/p>\n

$fp = $_SERVER[“HTTP_USER_AGENT”];
\n$fp .= $_SERVER[“REMOTE_ADDR”];
\n$_SESSION[‘remote’] = md5($fp);
\nheader(“Location: .\/index.php”);<\/p>\n

logout.php<\/p>\n

session_set_cookie_params(7200,’\/’,”,true);
\nsession_start();
\n$_SESSION = array();
\nif(isset($_COOKIE[session_name()])){
\n$params = session_get_cookie_params();
\nsetcookie(session_name(), ”, time()-3600,
\n$params[“path”], $params[“domain”],
\n$params[“secure”], $params[“httponly”]
\n);
\n}
\nsession_destroy();
\nheader(“Location: .\/login.php\\n\\n”);
\nexit;<\/p>\n

session_destroy() destroy the session, and cookie will be deleted as setting the cookie lifetime as a time past<\/p>\n","protected":false},"excerpt":{"rendered":"

Use both Session and cookie to keep security for the website $_COOKIE[session_name()] the session name is stored as cookie, other variables are stored as session var auth.php <?php session_set_cookie_params(7200,’\/’,”,true); session_start(); if($_SESSION[‘auth’]!=’xxx’){ session_destroy(); header(“Location: .\/login.php\\n\\n”); exit; }else{ \/\/check fingerprint $fp = … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24],"tags":[47],"class_list":["post-217","post","type-post","status-publish","format-standard","hentry","category-php","tag-php-session"],"_links":{"self":[{"href":"http:\/\/www.lalife.net\/index.php?rest_route=\/wp\/v2\/posts\/217","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.lalife.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.lalife.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.lalife.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.lalife.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=217"}],"version-history":[{"count":1,"href":"http:\/\/www.lalife.net\/index.php?rest_route=\/wp\/v2\/posts\/217\/revisions"}],"predecessor-version":[{"id":1953,"href":"http:\/\/www.lalife.net\/index.php?rest_route=\/wp\/v2\/posts\/217\/revisions\/1953"}],"wp:attachment":[{"href":"http:\/\/www.lalife.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=217"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.lalife.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=217"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.lalife.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=217"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}