In the context of PHP, a
"session" is the time that a user spends on a web site. Users may view many other Web pages between the time they enter this particular site and then leave it. Often, information for the complete session is very desirable. Beginning with version 4.0, PHP provides a way to do this.
A PHP Session allows certain data to be preserved across an access span, by assigning a unique ID called
"Session ID", to each visitor to the site. This Session ID can be stored as a cookie at the client end, or passed through a URL. A PHP Session also enables the registration of arbitrary numbers of variables to be preserved across requests.
PHP allows a session to be set up and session variables to be stored. After the session is created, session variables are available to the page visitor on other pages. To make this session information available, PHP does the following:
- PHP assigns a session ID number.
- The number is a really long alphanumeric number that is unique to the user and that cannot possibly be guessed by anyone else. The session ID is stored in a PHP system variable named PHPSESSID.
- PHP stores the variables to be saved for the session in a file on the server.
- The file is named with the session ID number. It is stored in a directory specified by session.save_path in the php.ini file. The session directory must exist before session files can be saved in it.
PHP passes the session ID number to every page.
If the user has cookies turned on, PHP passes the session ID by using cookies. If the user has cookies turned off, the session can also be tracked by passing PHPSESSID as a GET variable to every page that participates in that session.
PHP gets the variables from the session file for each new session page.
Whenever a user opens a new page that is part of the session, PHP gets the variables from the file by using the session ID number that was passed from the previous page. The variables are available in the $_SESSION array.