session and cookies arewebsiteTwo more common concepts in browsing are also two more difficult to distinguish, but they are in click streams and based on user browsing behavior.websiteBut it is quite critical in the analysis. Based on the reference of some online articles and materials and the author's personal application experience, we will give a brief explanation and analysis of these two concepts. I hope to discuss them with you.
The biggest difference between session and cookies is that session is stored in the memory of the server, while cookies are stored in the browser or client file; session is based on the access process, recording the beginning to the end of an access. When the browser or process is closed, the session "disappears", and cookies are more used to identify users. It can be long-lasting and used to track and identify unique users (Unique Visitor).
About sessionThe session is used to represent a continuous connection state,websiteAccess generally refers to the process from the start to the end of the client browser. session is actuallywebsiteAnalyzed visits measure, representing the process of access.
The common implementation form of session is session cookies (session cookies), that is, cookies whose expiration time is not set. The default life cycle of this cookie is during the browser session. As long as the browser window is closed, the cookie disappears. The implementation mechanism is when the user initiates a request.serverWill check whether the sessionid is included in the request. If not, the system will create an output cookie called JSESSIONID to return to the browser (Only put in memory, not in hard disk) and write it to the form of a HashTableserverIn the memory of the memory; when the sessionid is already included, the server will check to find information matching the session. If it exists, it will use the sessionid directly. If it does not exist, a new session will be regenerated. It should be noted here that the session is always created by the server and is not generated by the browser itself.
However, after the browser's cookie is prohibited, the session needs to be implemented using the URL rewrite mechanism of the get method or the form of submitting hidden forms using the POST method.
Here is a very important point of attention, that is,session expiration timeThe settings of the website need to be divided into two aspects: the browser side and the server side. For the browser side, the session is directly related to the access process. When the browser is closed, the session also disappears;serverThe session failure time of the end is generally set by man-made, with the purpose of releasing memory space regularly and reducingserverPressure, generally set to when the session is inInactive statusClear the session when it reaches 20 or 30 minutes, so the session on the browser and server side does not disappear at the same time, and the interruption of the session does not necessarily mean that the user must leave thewebsite. Currently, Google Analytics and Omniture both define that when there is no action at intervals of 30 minutes, it is considered as the end of one visit. Therefore, the last step of the session in the above picture is not only to leave, but may also be a state of stillness, dormant or dazed.
Another thing to note is that today's browsers seem to tend to share sessions with multiple processes, that is, open multiple processes through multiple tags or pages to access the samewebsiteShare a session cookie, which will be cleared only when the browser is closed, that is, you may have closed thewebsite, but as long as the browser is not closed andserverRestart the session before it expireswebsite, then use the original session to browse; and some browsers may also establish independent sessions when opening multiple pages. IE8 and Chrome share sessions by default. In IE8, you can create an independent session browsing page through File->New Session in the menu bar.
About cookiesA cookie is a small piece of text information that is accompanied by user requests and pages on the WebserverPass between browser. Every time a user visits a site, the web application can read the information contained in the cookie.
The common method of the session implementation mechanism has introduced the method of using session cookies (session cookies), and the usual cookies mainly refer to another type of cookies - persistent cookies. Persistent cookies meanStored on client hard drivecookie information (set a certain validity period) when the user accesses a certainwebsiteWhen the browser searches for the local hard disk with thewebsiteThe associated cookies. If the cookie exists, the browser will send it to your site via HTTP header information along with the page request, and then the system will compare whether the attributes and values in the cookie are stored with each other.serverThe information on the end is consistent, and the user is determined to be a "first visitor" or "old customer" based on the comparison results.
Persistent cookies generally save the user's user ID, which is the information when the user registers or logs in for the first time.serverGenerate cookies containing domain names and related information and send them to the client's hard disk file, and set the expire time of the cookies to facilitate automatic login andwebsiteContent customization.
Apache's own mod_usertrack module can be used to reach the current user for the first timewebsiteWhen planting a unique cookie for the user (expired for a long time), this cookie is the first time the user has come to the current situation.websiteThe IP address is composed of a random string. At the same time, adding the %{cookie}n field to the custom WEB log can realize the output of cookies in the apache log for data statistics and user tracking.