- 追加された行はこの色です。
- 削除された行はこの色です。
-[[PHP?祉???激?с?括????肢?荐?http://www.stackasterisk.jp/tech/php/php03_06.jsp]]
-[[PHP: ?祉???激?с?喝?????∽??session) - Manual:http://www.php.net/manual/ja/ref.session.php]]
-[[Custom Session Handler:http://www.daniweb.com/code/snippet43.html]]
-[[Saving PHP's Session data to a database:http://www.tonymarston.net/php-mysql/session-handler.html]]
-[[Saving PHP Session Data to a Database:http://www.developertutorials.com/tutorials/php/saving-php-session-data-database-050711/page1.html]]
-[[Web Database Applications with PHP & MySQL: Chapter 8: Sessions:http://www.oreilly.com/catalog/webdbapps/chapter/ch08.html]]
-[[Introduction to Using Sessions with ADOdb | PHP Everywhere:http://phplens.com/phpeverywhere/node/view/37]]
-[[ADODB Session Management Manual:http://www.april.org/dotproject/lib/adodb/docs/docs-session.htm]]
-[[[PHP-users 8038] session_set_save_handler??c ???ゃ????http://ns1.php.gr.jp/pipermail/php-users/2002-June/008043.html]]
#author("2022-06-15T08:14:27+00:00","default:admin","admin")
-[[PHP $_SESSION(セッション変数)のすべて!【初心者向け基本】:https://wepicks.net/phpref-session/]]
* php.ini ??┃絎? [#mabf2718]
-[[?祉???激?с?鰹?sesssion鐚????≫?????php.ini???<?ゃ????┃絎?:http://f3.aaa.livedoor.jp/~matukazu/cautions/ini_session.php]]
-[[PHP???若????????PHP.INI ??┃絎????祉???激?с?括隈:http://d.hatena.ne.jp/michanLab/20091021/1256108113]]
~
~
|???? | ??????????? | 茯???h
|session.auto_start |0鐚??≦?刻? |???????鴻????紮???? ?祉???激?с?潟?≪?吾?ャ?若?????祉???激?с?潟????????????紮?????????????????絎?????????1?????????鴻???????????祉???激?с?割戎????????session_start()???∽?違??絎h??????????篏睡???с????????????????|
|session.cache_limiter |nocache |?祉???激?с?潟???若?吾???????????c???激?ュ?九勝???号?????絎? (none/nocache/private/private_no_expire/public) |
|session.cache_expire |180 |???c???激?ャ???????祉???激?с?潟???若?吾?????号??????????篏??ф??絎?|
|session.cookie_lifetime |0鐚????????吟?????????障?э? |???????吟????篆<???????????若?????号??????腱???篏??ф??絎?|
|session.cookie_path |/ |session_cokkie?ц┃絎????????鴻????絎? |
|session.cookie_domain |腥堺??絖? | ???????若?????鴻?????????<?ゃ?潟???????????????祉???????????????????????????泣?若????????????????????若?????c?????障????????????abc.com ????絎?????????www.abc.com, private.abc.com ?????????????若????????????????鐚?session.cookie_path ?ф??絎????????鴻????筝??眼?????逸???|
|session.cookie_secure |off |?祉???ャ?≪??・膓?????????????ookie????篆<?с????????????????絎? |
|session.entropy_file |腥堺??絖? |?祉???激?с??D??篏????????????ャ?????潟???????純?若?鴻??????戎??????紊??????純?若?鴻?吾?????鴻????絎???箴???????????紊????NIX?у??????純??dev/random?障????dev/urandom???????????障????|
|session.entropy_length |0 |session.entropy_file?????<?ゃ?????? 茯??帥???????ゃ???違????絎? |
|session.gc_probability |1 |???若???吾?潟?????激?с?潟???莨若?水?ゃ??┃絎??с???????????鴻??罸???????????罸??????祉???激?с?喝????????? gc (???若???吾?潟?????激?с???∽?違????紮????障???????若???吾?潟?????激?с?潟???莨若?水?ゃ?????若?祉?潟???ф??絎????障????|
|session.gc_divisor |100 |session.gc_divisor? session.gc_probability????水??????с???鴻?????祉???激?с?潟?????????????c鐚????若?????吾?潟?????激?с?鰹??????祉?鴻??紮???????腆榊????九勝???障????腆榊???c_probability/gc_divisor?ц?膊??????障????箴????違??1/100???????????鴻??罸???%??∈????C?????祉?鴻?? 紮??????障????|
|session.gc_maxlifetime |1440 |???若?帥???????帥?????帥????????羔??祉???????障?с????違????絎????障????|
|session.hash_function|0|????激?ョ?????∽?違????絎?鐚?0:MD5/1:SHA鐚?|
|session.hash_bits_per_character|4|1??絖?罸???????激?ャ??????? (4/5/6) |
|session.name |PHPSESSID |?祉???激?с?喝??????絎????????????弱????????戎???????障?????≪?????<????????絖????帥?ф??絎?????綽?荀????????障????|
|session.referer_check |腥堺??絖? |HTTP Referer ????????∈茯???茵?????絖???????絎????障????Referer???????ゃ?≪?潟??????????篆<???????????????ゃ????絎???????絖?????荀?篁??????????翫????????莨若?障?????祉???激?с??D???≦?鴻???????障????|
|session.save_handler |files |?祉???激?с?潟???∫?c???????若?帥???絖??????喝????戎??????????潟?????????臂?
|session.save_path |/tmp |?祉???激?с?潟???主????????宴??篆?絖????????<?ゃ????篏??????????贋???????鴻??1???<?ゃ?潟?ц??違??eb?泣?若???ч???????????????演?????≪???祉?鴻?с????????????????絎??????????????????с?祉???激?с?潟???掩?????с??????|
|session.serialize_handler |php |?激???≪?????障?????激???≪???????若?帥??緇?????????????戎??????????潟????????????絎?臂 |
|session.use_cookies |1鐚????刻? |?????ゃ?≪?潟???眼???祉?? ?激?с??D??篆?絖????????????????若??篏睡??????????????????絎?|
|session.use_only_cookies |0鐚??≦?刻? |?????≪?吾?ャ?若?????????ゃ?≪?潟???眼?吾???祉???激?с??D???絖???ookie???帥??篏睡??????????????絎? |
|session.use_trans_sid |0鐚??≦?刻? |?祉???激?с?潟??????????祉???激?с??D(SID)????????????????????????絎? |
|session.bug_compat | | |
|session.bug_compat_42 | | |
*保持期間 [#z5912fab]
-[[PHPでセッションの長さを変更する:https://qiita.com/buntafujikawa/items/db3008bae3f7ce5d4c2a]]
-[[[PHP]セッションの有効期限が切れてもセッションが消えるわけじゃない。:https://qiita.com/tkek321/items/5fe262e6e63644a58b76]]
-[[PHPのセッションが勝手に消えてしまう問題と解決法:https://blitzgate.co.jp/blog/1946/]]
-[[php – セッションのガーベッジコレクションと MySQL のあれこれ:https://dev.grimonet.com/php-session-gc-mysql/]]
* ?祉???激?с??D?????羝<?? [#j9a67876]
-Cookie篏睡???罔?羣?鐚?
-URL???????<?帥??????ET?<?純?????с?祉???激?с??D??????羝<??
-URL????????祉???激?с??D??????莨若??
--mod_rewrite????????RL?吾?????????腟??帥??綽?荀?
**php.ini 設定項目 [#rdcba15e]
-[[PHPのセッション関連設定項目:https://qiita.com/rana_kualu/items/bc4dca39d133f53b8289]]
* ?祉???激?с?括??? [#w88c48bd]
-[[茲??違?泣?若???с?祉???激?с?潟???掩???????眼????????????:http://www.slideshare.net/j_nakada/ss-7506214]]
-[[Enhance PHP session management:http://kevin.vanzonneveld.net/techblog/article/enhance_php_session_management/]]
-[[How to scale PHP applications:http://www.slideshare.net/e.zimuel/how-to-scale-php-applications]]
***session.gc_maxlifetime [#w4dc5311]
-サーバに保存されているセッションファイルの保存期間
** ?????祉???激?с?括?????絵?? [#w4348e33]
DB, memcached 膈???篏帥?c???祉???激?с?括?????茵????翫??????篁ヤ????鴻??絵???????
- php.ini ? session.auto_start ???ゃ?? 0 ?????c???????????絽吾????純????????
- session.save_hander ???ゃ?? user ??????綽?荀?????????php.ini ?ц┃絎???????????翫??? ini_set() ?ц┃絎???????
- PHP5.0.5篁ラ?????翫??? session_start() ???若?九?????荐???絎?茵???????
register_shutdown_function('session_write_close');
-default
session.gc_maxlifetime = 1440
** ?掩????????????篏帥?c???祉???激?с?括??? [#u35ef80d]
-茲??違???????????????≪???祉?鴻?с?????掩???????????????????с?????違????????筝???ソ
-php.ini ??? session.save_path ???掩??????????????????????????
***session.gc_probability [#g57901b0]
***session.gc_divisor [#pf7737b2]
-session.gc_maxlifetimeを過ぎると必ずセッションファイルが削除されるわけではなく、PHPにリクエストがあったときに (session.gc_probability / session.gc_divisor) の確率でGCが起動して実際に削除される
-セッションファイルそのものには有効期限は書かれていないため、session.gc_maxlifetimeを過ぎてもGC起動前であればセッションデータにアクセス可能
-デフォルトは session.gc_probability=1、session.gc_divisor=100 で、1%の確率でGCが起動する
** MySQL??篏帥?c???祉???激?с?括??? [#fb9ca3fd]
***session.cookie_lifetime [#d1afc152]
-ブラウザのクッキーの有効期間
-session.gc_maxlifetime のみ変更をしても、デフォルトだとブラウザを閉じたらセッションが破棄される
?祉???激?с?括??????????若??????篏????????????祉???激?с?潟??潟??????絎?臂???????
-default ... 0:ブラウザが閉じられるまで
session.cookie_lifetime = 0
?? ???若??? sessions
CREATE TABLE `sessions` (
`id` varchar(32) NOT NULL default '',
`access` int(10) unsigned default NULL,
`data` text,
PRIMARY KEY (`id`)
) TYPE=MyISAM;
***session.use_cookies [#mad32b62]
***session.use_only_cookies [#c334eaed]
-セッションの保存にCookieを使用するか。
-両方ともデフォルトは1で、0にしてはいけない
-session.use_cookiesは「Cookieを使用してもいいか?」
-session.use_only_cookiesは「必ずCookieを使用するか?」
-session.use_only_cookies=0にすると、index.php?PHPSSID=hogeというURLでセッションIDが有効になり、容易にセッションハイジャックできてしまうため、0にしてはならない
?? session_mysql.ini
<?php
define("SESSION_DB_HOST", "localhost");
define("SESSION_DB_USER", "test");
define("SESSION_DB_PASS", "test");
define("SESSION_DB_DB", "test");
?>
?? session_mysql.php
<?php
require_once("session_mysql.ini");
// ???若?九?臂????祉???激?с?潟??潟??????篏睡?
ini_set("session.save_handler", "user") or die("ini_set(session.save_handler) failed.");
// ?祉???激?с?潟??潟?????∽?違??荐??
session_set_save_handler('_open', '_close', '_read', '_write', '_destroy', '_clean');
// PHP5.0.5 篁ラ??? session_start() ???若?九?????????????絎?茵?
register_shutdown_function('session_write_close');
function _open()
{
global $_sess_db;
$db_host = SESSION_DB_HOST;
$db_user = SESSION_DB_USER;
$db_pass = SESSION_DB_PASS;
$db_db = SESSION_DB_DB;
if ($_sess_db = mysql_connect($db_host, $db_user, $db_pass))
{
return mysql_select_db($db_db, $_sess_db);
}
return FALSE;
}
function _close()
{
global $_sess_db;
return mysql_close($_sess_db);
}
function _read($id)
{
global $_sess_db;
$id = mysql_real_escape_string($id);
$sql = "SELECT data FROM sessions WHERE id = '$id'";
if ($result = mysql_query($sql, $_sess_db))
{
if (mysql_num_rows($result))
{
$record = mysql_fetch_assoc($result);
return $record['data'];
}
}
return '';
}
function _write($id, $data)
{
global $_sess_db;
$access = time();
$id = mysql_real_escape_string($id);
$access = mysql_real_escape_string($access);
$data = mysql_real_escape_string($data);
$sql = "REPLACE INTO sessions VALUES ('$id', '$access', '$data')";
return mysql_query($sql, $_sess_db);
}
function _destroy($id)
{
global $_sess_db;
$id = mysql_real_escape_string($id);
$sql = "DELETE FROM sessions WHERE id = '$id'";
return mysql_query($sql, $_sess_db);
}
function _clean($max)
{
global $_sess_db;
$old = time() - $max;
$old = mysql_real_escape_string($old);
$sql = "DELETE FROM sessions WHERE access < '$old'";
return mysql_query($sql, $_sess_db);
}
?>
?? test.php
<?php
require_once("session_mysql.php");
// Initialize a session. This call either creates
// a new session or re-establishes an existing one.
session_start();
// If this is a new session, then the variable
// $count will not be registered
if (!session_is_registered("count"))
{
session_register("count");
session_register("start");
$count = 0;
$start = time();
}
else
{
$count = $_SESSION['count'];
$start = $_SESSION['start'];
$count++;
}
$sessionId = session_id();
$_SESSION['count'] = $count;
$_SESSION['start'] = $start;
?>
<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>
<head><title>Sessions</title></head>
<body>
<p>This page points at a session
(<%= $sessionId %>)
<br>count = <%= $count %>.
<br>start = <%= $start %>.
<p>This session has lasted
<?php
$duration = time() - $start;
echo "$duration";
?>
seconds.
<p><a href="destroy_session.php">destroy session</a>
</body>
</html>
** TokyoTyrant ???????祉???激?с?括??? [#z1cc8bef]
-[[TokyoTyrant??篏帥?c?????祉???激?с?潟?鴻?????若??????) | ?????泣????http://blog.heartofsword.net/archives/479]]
** Repcached ???????祉???激?с?括??? [#z2d323c5]
-[[Memcached?с??????pcached???祉???激?с?括?????戎??????鐚??ゃ???с??okyo Tyrant???ゃ??????絨???鐚?:http://blog.asial.co.jp/508]]
-[[Repcached:http://lab.klab.org/wiki/Repcached]]??Lab???
-蕭???鐚?memcached?????蚊????鐚?
-???????宴?若?激?с?喝??緒?鐚??違???純?<???????若?帥??紊宴???????鐚?
-memcached???????ゃ?≪?潟????篏帥????鐚?荐????紊??眼????綽?荀???????鐚?
** memcached ???????祉???激?с?括??? [#k297a273]
[[memcached:http://www.danga.com/memcached/]] ???泣?若?????<?≪????????若?帥???主????????閟?罕?????箴????????若???????≪???帥?ゃ???????若?帥?с????綽?荀??????????若?帥???????主??????????号????????????荐???с????????????
-[[memcached:http://www.danga.com/memcached/]]
-[[PHP???祉???激?с?潟???若?炊?主?????emcached??????CentOS):http://blog.suz-lab.com/2010/09/phpmemcachedcentos.html]]
-[[memcached??PHP???祉???激?с?潟??戎??:http://dozo.matrix.jp/pear/index.php?PECL%2Fmemcache%2Fsession]]
-[[Memcache ?∽??http://www.php.net/manual/ja/ref.memcache.php]]
-[[memcached?????????∽?違???c???激??http://d.hatena.ne.jp/koyhoge/20070108/memcache]]
*** Memcache?∽?? Memcache?????鴻??篏帥?????????????? [#na1eedd1]
- php.ini ? extension_dir ??絖??????????c????????????絎?????????????腆肴???"./" ?????<??
extension_dir = "/usr/local/lib/php/extensions"
- 篁ヤ???絎?茵?????????????????????extension_dir ???掩?????ゃ?????????ゃ?潟?鴻???若????????
$ pecl install memcache
- php.ini ??札筝???菴遵??
extension=no-debug-non-zts-20060613/memcache.so
- Apache ????莎桁??
** sharedance ???????祉???激?с?括??? [#f9982f49]
-[[sharedance:http://sharedance.pureftpd.org/project/sharedance]]
-[[sharedance??eb?泣?若???????祉???激?с?喝?掩??:http://www.phppro.jp/phptips/archives/vol10/]]
Mac OS X 筝??с?????ゃ??????????≫??с???障????????с???????c?????????荐若??????????????
** ?????若?吾?????号???????????馹? [#x8f68b6a]
-[[PHP Tips:http://www.workspot.jp/tech/php_tips.html]]
-[[[PHP-users 21673]session_cache_limiter??戎????http://ns1.php.gr.jp/pipermail/php-users/2004-May/022195.html]]
-[[[PHP-users 16654]?祉???激?с?潟???祉???ャ?????c?若?????c???激?ャ???????若??????鐚?:http://ns1.php.gr.jp/pipermail/php-users/2003-July/017184.html]]
-[[???c???激?ュ?九勝:http://www.google.com/url?sa=U&start=8&q=http://ameblo.jp/genetsys/&e=10001]]
-[[Essential PHP Security:http://phpsecurity.org/]]
-[[Session Management Over the Web:http://www.oreilly.com/catalog/webdbapps/chapter/ch08.html]]
** ????URL [#uf7fceb9]
-[[PHP ? Web ?≪?????宴?若?激?с?潟???祉???ャ?????c???ゃ???????<??http://www.asahi-net.or.jp/~wv7y-kmr/memo/php_security.html]]
![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
