Sessions in PHP

Sessions in PHP


• Hmm....so what are sessions actually???? 

• A session is a semi-permanent interactive information interchange, also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a computer and user.

• A session is set up or established at a certain point in time, and torn down at a later point in time.

• A session is typically, but not always, stateful, meaning that at least one of the communicating parts needs to save information about the session history in order to be able to communicate, as opposed to stateless communication, where the communication consists of independent requests with responses and HTTP communication is stateless.

• why use them???

• As a website becomes more sophisticated, so must the code that backs it. When you get to a stage where your website need to pass along user data from one page to another, it might be time to start thinking about using sessions.

• A normal HTML website will not pass data from one page to another. In other words, all information is forgotten when a new page is loaded. This makes it quite a problem for tasks like a shopping cart, which requires data(the user's selected product) to be remembered from one page to the next.

• PHP session solves this problem by allowing you to store user information on the server for later use (i.e. username, shopping cart items, etc). However, this session information is temporary and is usually deleted very quickly after the user has left the website that uses sessions.

• It is important to ponder if the sessions' temporary storage is applicable to your website. If you require a more permanent storage you will need to find another solution, like a MySQL database.

• Sessions work by creating a unique identification(UID) number for each visitor and storing variables based on this ID. This helps to prevent two users' data from getting confused with one another when visiting the same webpage.

• Note: If you are not experienced with session programming it is not recommended that you use sessions on a website that requires high-security, as there are security holes that take some advanced techniques to plug.



• Starting a php session:

• Before you can begin storing user information in your PHP session, you must first start the session. When you start a session, it must be at the very beginning of your code, before any HTML or text is sent.

• Below is a simple script that you should place at the beginning of your PHP code to start up a PHP session:

<?php

session_start();

?>

• This tiny piece of code will register the user's session with the server, allow you to start saving user information and assign a UID (unique identification number) for that user's session.

• Storing session variable:

• When you want to store user data in a session use the $_SESSION array. This is where you both store and retrieve session data.

• PHP Code:

<?php

session_start();

$_SESSION[‘views’]=1; //storing data in a session

echo “Pageviews = ”.$_SESSION[‘views’]; //retrieving data 4m session

?>



Display:

Pageviews = 1

• In this example we learned how to store a variable to the session array $_SESSION and also how to retrieve data from that same array.

• Php sessions-using php’s isset function:

<?php

session_start();

if(isset($_SESSION[‘views’]))

$_SESSION[‘views’]=$_SESSION[‘views’]+1;

else

$_SESSION[‘views’]=1;

echo “views=”.$_SESSION[‘views’];

?>

• The first time you run this script on a freshly opened browser the if statement will fail because no session variable views would have been stored yet. However, if you were to refresh the page the if statement would be true and the counter would increment by one. Each time you reran this script you would see an increase in view by one.

• Cleaning and destroying your session:

• If you wish to delete some session data, you can use the unset() or the session_destroy() function.

• The unset() function is used to free the specified session variable:

<?php

unset($_SESSION[‘views’]);

?>

• You can also completely destroy the session by calling the session_destroy() function:

<?php

session_destroy();

?>

• Note: session_destroy() will reset your session and you will lose all your stored session data.