$_SESSION

$HTTP_SESSION_VARS [已弃用]

$_SESSION -- $HTTP_SESSION_VARS [已弃用] — Session 变量

说明

当前脚本可用 SESSION 变量的数组。更多关于如何使用的信息，参见 Session 函数文档。

$HTTP_SESSION_VARS 包含相同的信息，但它不是一个超全局变量。 (注意 $HTTP_SESSION_VARS 和 $_SESSION 是不同的变量，PHP 处理它们的方式不同)

更新日志

版本	说明
4.1.0	引入 `$_SESSION`，弃用 `$HTTP_SESSION_VARS`。

注释

Note:
“Superglobal”也称为自动化的全局变量。这就表示其在脚本的所有作用域中都是可用的。不需要在函数或方法中用 global $variable; 来访问它。

参见

session_start() - Start new or resume existing session

PHP手册 - N: Session 变量

用户评论:

pike-php at kw dot nl (07-Feb-2011 02:00)

When accidently assigning a unset variable to $_SESSION, like $_SESSION['foo'] = $bar while $bar was not defined, I got the following error message: "Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. " The errormessage was quite unrelated and got me off-track. The real error was, $bar was not defined.

Dave (17-Nov-2009 10:05)

If you deploy php code and cannot control whether register_globals is off, place this snippet in your code to prevent session injections: <?php if (isset($_REQUEST['_SESSION'])) die("Get lost Muppet!"); ?>

charlese at cvs dot com dot au (05-Jul-2009 02:47)

I was having troubles with session variables working in some environments and being seriously flaky in others. I was using $_SESSION as an array. It works properly when I used $_SESSION as pointers to arrays. As an example the following code works in some environments and not others. <?php //Trouble if I treate $form_convert and $_SESSION['form_convert'] as unrelated items $form_convert=array(); if (isset($_SESSION['form_convert'])){ $form_convert=$_SESSION['form_convert']; } } ?> The following works well. <?php if (isset($_SESSION['form_convert'])){ $form_convert = $_SESSION['form_convert']; }else{ $form_convert = array(); $_SESSION['form_convert']=$form_convert; } ?>

bohwaz (31-Aug-2008 10:43)

Please note that if you have register_globals to On, global variables associated to $_SESSION variables are references, so this may lead to some weird situations. <?php session_start(); $_SESSION['test'] = 42; $test = 43; echo $_SESSION['test']; ?> Load the page, OK it displays 42, reload the page... it displays 43. The solution is to do this after each time you do a session_start() : <?php if (ini_get('register_globals')) { foreach ($_SESSION as $key=>$value) { if (isset($GLOBALS[$key])) unset($GLOBALS[$key]); } } ?>

Steve Clay (17-Aug-2008 02:28)

Unlike a real PHP array, $_SESSION keys at the root level must be valid variable names. <?php $_SESSION[1][1] = 'cake'; // fails $_SESSION['v1'][1] = 'cake'; // works ?> I imagine this is an internal limitation having to do with the legacy function session_register(), where the registered global var must similarly have a valid name.

jherry at netcourrier dot com (02-Aug-2008 12:16)

You may have trouble if you use '|' in the key: $_SESSION["foo|bar"] = "fuzzy"; This does not work for me. I think it's because the serialisation of session object is using this char so the server reset your session when it cannot read it. To make it work I replaced '|' by '_'.