在結合session_start()時，怎樣利用SessionHandler::create_sid函數定制專屬的會話ID？

M66 2025-06-21

3. 實現步驟示例

<span><span><span class="hljs-meta">&lt;?php</span></span><span>
</span><span><span class="hljs-comment">// 自定義SessionHandler</span></span><span>
</span><span><span class="hljs-class"><span class="hljs-keyword">class</span></span></span><span> </span><span><span class="hljs-title">CustomSessionHandler</span></span><span> </span><span><span class="hljs-keyword">extends</span></span><span> </span><span><span class="hljs-title">SessionHandler</span></span><span>
{
    </span><span><span class="hljs-keyword">public</span></span><span> </span><span><span class="hljs-function"><span class="hljs-keyword">function</span></span></span><span> </span><span><span class="hljs-title">create_sid</span></span><span>(</span><span><span class="hljs-params"></span></span><span>)
    {
        </span><span><span class="hljs-comment">// 這里以16字節隨機字符串 + 當前時間戳構成會話ID，保證唯一且難以預測</span></span><span>
        </span><span><span class="hljs-keyword">return</span></span><span> </span><span><span class="hljs-title function_ invoke__">bin2hex</span></span><span>(</span><span><span class="hljs-title function_ invoke__">random_bytes</span></span><span>(</span><span><span class="hljs-number">16</span></span><span>)) . </span><span><span class="hljs-string">'-'</span></span><span> . </span><span><span class="hljs-title function_ invoke__">time</span></span><span>();
    }
}

</span><span><span class="hljs-comment">// 实例化自定義的處理器</span></span><span>
</span><span><span class="hljs-variable">$handler</span></span><span> = </span><span><span class="hljs-keyword">new</span></span><span> </span><span><span class="hljs-title class_">CustomSessionHandler</span></span><span>();

</span><span><span class="hljs-comment">// 设置自定義的Session處理器</span></span><span>
</span><span><span class="hljs-title function_ invoke__">session_set_save_handler</span></span><span>(</span><span><span class="hljs-variable">$handler</span></span><span>, </span><span><span class="hljs-literal">true</span></span><span>);

</span><span><span class="hljs-comment">// 啟動Session，使用自定義会话ID生成規則</span></span><span>
</span><span><span class="hljs-title function_ invoke__">session_start</span></span><span>();

</span><span><span class="hljs-keyword">echo</span></span><span> </span><span><span class="hljs-string">"當前Session ID："</span></span><span> . </span><span><span class="hljs-title function_ invoke__">session_id</span></span><span>();
</span><span><span class="hljs-meta">?&gt;</span></span><span>
</span></span>

4. 說明與註意事項

session_set_save_handler()的第二個參數設為true ，意味著PHP會自動調用註冊的處理器實現的open() , close() , read() , write() , destroy() , gc()等方法。繼承SessionHandler後，默認行為保留，無需全部重寫。
create_sid()僅負責生成會話ID，不涉及會話數據的存儲邏輯。
生成的ID應足夠隨機且唯一，避免會話ID衝突。
自定義會話ID後，舊會話ID格式可能不兼容，需謹慎上線。

相關標籤:
SessionHandler