在 WEB 系统中。 我们通常会用session来保存一些简单可是却非常重要的信息。比方Asp.net中常常会用Session来保存用户登录信息,比方UserID。为了解决 WEB场大家採用了把session存在DB中,session过期大家一般都採用页面跳转,即再次登录,login后又返回页面。
个人认为以上设计不是非常好, 对于web场,假设我们把session存在DB那么新能应该比存内存要慢。所以推荐用分布式缓存的方式来存取Session。 对于Session过期我建议採用cookie来做。在大型站点中Session应该慎用,毕竟它占用server的内容。一个人用户session假设占用1k的空间,那么100W用户同一时候在线
Session要占用多大空间. 曾经我把userID 直接存cookie会有浏览器串cookie的问题,比方我用IE login use1,用FF login user2,发现后面login的user信息会覆盖前面login user的值。
回来发现session过期了,可是sessionID还在,而且该值在cookie里面。
实现code 例如以下:
核心code:
string UserID
{
get
{
if (Session["UserID"] != null)
{
return Session["UserID"].ToString();
}
if (Request.Cookies[Session.SessionID.ToString()] != null)
{
string cv=Request.Cookies[Session.SessionID].Value;
Session["UserID"] = cv;
return cv;
}
return string.Empty;
}
set
{
Session["UserID"] = value;
string key = Session.SessionID.ToString();
HttpCookie kc = new HttpCookie(key, value);
kc.HttpOnly = true;
Response.Cookies.Add(kc);
}
}
public partial class WebForm1 : System.Web.UI.Page
{
protected void btnSet_Click(object sender, EventArgs e)
{
Session["name"] = "majiang";
this.lblSet.Text = "Session ID:" + Session.SessionID.ToString();
}
protected void btnGet_Click(object sender, EventArgs e)
{
labGet.Text = "Session ID:" + Session.SessionID.ToString();
if (Session["name"] != null)
{
labGet.Text += "<br/>" + Session["name"].ToString();
}
}
Dictionary<string, string> dict = new Dictionary<string, string>();
protected void Page_Load(object sender, EventArgs e)
{
dict.Add("1", "majiang");
dict.Add("2", "Gavin");
}
string UserID
{
get
{
if (Session["UserID"] != null)
{
return Session["UserID"].ToString();
}
if (Request.Cookies[Session.SessionID.ToString()] != null)
{
string cv=Request.Cookies[Session.SessionID].Value;
Session["UserID"] = cv;
return cv;
}
return string.Empty;
}
set
{
Session["UserID"] = value;
string key = Session.SessionID.ToString();
HttpCookie kc = new HttpCookie(key, value);
kc.HttpOnly = true;
Response.Cookies.Add(kc);
}
}
protected void btnSetwithCookie_Click(object sender, EventArgs e)
{
UserID = this.txtuserID.Text.Trim();
this.labsetCookie.Text = Session.SessionID.ToString();
}
protected void btnGetWithCookie_Click(object sender, EventArgs e)
{
this.labGetCookie.Text = "Session ID:" + Session.SessionID.ToString();
labGetCookie.Text += "<br/>" + dict[UserID].ToString();
}
}
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm1.aspx.cs" Inherits="SessionTest.WebForm1" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Button ID="btnSet" runat="server" Text="Set Session" OnClick="btnSet_Click" />
<asp:Button ID="btnGet" runat="server" Text="Get Session" OnClick="btnGet_Click" />
<br />
SET: <asp:Label ID="lblSet" runat="server" Text=""></asp:Label>
<br />
Get: <asp:Label ID="labGet" runat="server" Text=""></asp:Label>
</div>
userID:<asp:TextBox ID="txtuserID" runat="server"></asp:TextBox>
<div>
<table>
<tr><td><asp:Button ID="btnSetwithCookie" runat="server" Text="Set With Cookie" OnClick="btnSetwithCookie_Click" /></td><td><asp:Button ID="btnGetWithCookie" runat="server" Text="Get With Cookie" OnClick="btnGetWithCookie_Click" /></td></tr>
<tr><td><asp:Label ID="labsetCookie" runat="server"></asp:Label> </td><td><asp:Label ID="labGetCookie" runat="server"></asp:Label></td></tr>
</table>
</div>
</form>
</body>
</html>
实现的效果如图:
看看HTTP的请求:
