Friday, May 6, 2011

PHP Session - Starting Session, Modifying Session and Deleting Session

In the context of PHP, a "session" is the time that a user spends on a web site. Users may view many other Web pages between the time they enter this particular site and then leave it. Often, information for the complete session is very desirable. Beginning with version 4.0, PHP provides a way to do this.

A PHP Session allows certain data to be preserved across an access span, by assigning a unique ID called "Session ID", to each visitor to the site. This Session ID can be stored as a cookie at the client end, or passed through a URL. A PHP Session also enables the registration of arbitrary numbers of variables to be preserved across requests.
PHP allows a session to be set up and session variables to be stored. After the session is created, session variables are available to the page visitor on other pages. To make this session information available, PHP does the following:
  • PHP assigns a session ID number.
  • The number is a really long alphanumeric number that is unique to the user and that cannot possibly be guessed by anyone else. The session ID is stored in a PHP system variable named PHPSESSID.
  • PHP stores the variables to be saved for the session in a file on the server.
  • The file is named with the session ID number. It is stored in a directory specified by session.save_path in the php.ini file. The session directory must exist before session files can be saved in it.
PHP passes the session ID number to every page.
If the user has cookies turned on, PHP passes the session ID by using cookies. If the user has cookies turned off, the session can also be tracked by passing PHPSESSID as a GET variable to every page that participates in that session.
PHP gets the variables from the session file for each new session page.
Whenever a user opens a new page that is part of the session, PHP gets the variables from the file by using the session ID number that was passed from the previous page. The variables are available in the $_SESSION array.



 A session is a way to store information (in the form of variables) to be used across multiple pages. Unlike a cookie, specific variable information is not stored on the users computer. It is also unlike other variables in the sense that we are not passing them individually to each new page, but instead retrieving them from the session we open at beginning of each page.

Call this code mypage.php

<?php
 // this starts the session
 session_start();

 // this sets variables in the session
 $_SESSION['color']='red';
 $_SESSION['size']='small';
 $_SESSION['shape']='round';
 print "Done";
 ?> 

The first thing we do with this code, is open the session using session_start(). We then set our first session variables (color, size and shape) to be red, small and round respectively.
Just like with our cookies, the session_start() code must be in the header and you can not send anything to the browser before it. It's best to just put it directly after the "<?php" to avoid potential problems.
So how will it know it's me? Most sessions set a cookie on your computer to uses as a key... it will look something like this: 350401be75bbb0fafd3d912a1a1d5e54. Then when a session is opened on another page, it scans your computer for a key. If there is a match, it accesses that session, if not it starts a new session for you.

Now we are going to make a second page. We again will start with session_start() (we need this on every page) - and we will access the session information we set on our first page. Notice we aren't passing any variables, they are all stored in the session.
Call this code mypage2.php
<?php
 // this starts the session
 session_start();

 // echo variable from the session, we set this on our other page
 echo "Our color value is ".$_SESSION['color'];
 echo "Our size value is ".$_SESSION['size'];
 echo "Our shape value is ".$_SESSION['shape'];
 ?> 

All of the values are stored in the $_SESSION array, which we access here. Another way to show this is to simply run this code:

<?php
 session_start();
 Print_r ($_SESSION);
 ?> 

You can also store an array within the session array. Let's go back to our mypage.php file and edit it slightly to do this:
<?php
 session_start();

 // makes an array
 $colors=array('red', 'yellow', 'blue');
 // adds it to our session
 $_SESSION['color']=$colors;
 $_SESSION['size']='small';
 $_SESSION['shape']='round';
 print "Done";
 ?> 

Now let's run this on mypage2.php to show our new information:
<?php
 session_start();
 Print_r ($_SESSION);
 echo "<p>";

 //echo a single entry from the array
 echo $_SESSION['color'][2];
 ?> 

<?php
 // you have to open the session to be able to modify or remove it
 session_start();

 // to change a variable, just overwrite it
 $_SESSION['size']='large';

 //you can remove a single variable in the session
 unset($_SESSION['shape']);

 // or this would remove all the variables in the session, but not the session itself
 session_unset();

 // this would destroy the session variables
 session_destroy();
 ?> 

The code above demonstrates how to edit or remove individual session
variables, or the entire session. To change a session variable we just
reset it to something else. We can use unset() to remove a single variable, or session_unset() to remove all variables for a session. We can also use session_destroy() to destroy the session completely.

By default a session lasts until the user closes their browser. This can be changed in the php.ini file by change the 0 in session.cookie_lifetime = 0 to be the number of seconds you want the session to last, or by using session_set_cookie_params().

No comments:

Post a Comment