详解PHP会话存储方式

核心提示： 先确认会话是否自动开启还是需要通过session_start()来手动开启：; 指定会话模块是否在请求开始时自动启动一个会话，默认为 0（不启动）; Initialize session on request startup.; http://php.net/session.auto-startsession.aut

 先确认会话是否自动开启还是需要通过session_start()来手动开启：

; 指定会话模块是否在请求开始时自动启动一个会话。默认为 0（不启动）
; Initialize session on request startup.
; http://php.net/session.auto-start
session.auto_start = 0
在客户端，会话可以存储在cookie或者通过URL参数来获取。依赖于服务器的配置：

; 指定是否在客户端用 cookie 来存放会话 ID。默认为 1（启用）
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1

; 指定是否在客户端仅仅使用 cookie 来存放会话 ID。。启用此设定可以防止有关通过 URL 传递会话 ID 的攻击。
; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combatting
; session hijacking when not specifying and managing your own session id. It is
; not the end all be all of session hijacking defense, but it's a good start.
; http://php.net/session.use-only-cookies
session.use_only_cookies = 1
如果确认存储在cookie中，则可以进一点配置会话存储在cookie中的各项配置，如cookie_name，cookie_lifetime，cookie_path，cookie_domain，cookie_secure，cookie_httponly

; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID

; Lifetime in seconds of cookie or, if 0, until browser is restarted.
; http://php.net/session.cookie-lifetime
session.cookie_lifetime = 0

; The path for which the cookie is valid.
; http://php.net/session.cookie-path
session.cookie_path = /

; The domain for which the cookie is valid.
; http://php.net/session.cookie-domain
session.cookie_domain =

; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
; http://php.net/session.cookie-httponly
session.cookie_httponly =
在服务器端，同样也可以通过多种方式来存储会话。默认会话存储在文件中，此时session.save_path为创建存储文件的路径。

; Handler used to store/retrieve data.
; http://php.net/session.save-handler
session.save_handler = files

; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
;
; The path can be defined as:
;
; session.save_path = "N;/path"
;
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is