PHP Session

Session is a an ongoing interaction between a client and server. During the lifetime of a session you can store information related to a session. This is used commonly for shopping carts and similar web widgets/elements.

•Session is identified using a session ID
•The session ID is transmitted between the client and server with each HTTP request and response
•Client keeps track of a session through the use of a cookie
•Server keeps track of a session through locally stored text files or a database

 

PHP sessions use underlying technologies of either Cookies (default) or URL rewriting. Information associated with a session is stored via name/value pairs and can be stored in the $_SESSION associative array. You use this array to both store and retrieve session data.

Simplest Example. To create a session use the session_start() function.

•Because of the dual purpose of session_start(), i.e., it can initialize a session or access an existing one, the PHP code must have a method for identifying whether a session has already been initiated.

PHP Code to start session and create session variable

<?php  

session_start(); 

// store session data   
 $_SESSION['views'] = 1; 

//retrieve data 
echo "Pageviews = ". $_SESSION['views'];  


?>  

 

Try it.


Storing session variables and retrieving later

When you create a variable and store it in a session, you probably want to use it in the future.

However, before you use a session variable it is necessary that you check to see if it exists already!

This is where PHP's isset function comes in handy. isset is a function that takes any variable you
want to use and checks to see if it has been set. That is, it has already been assigned a value.

PHP Code to check if session variable exists.

<?php  

session_start();
//if session variable already exists then increment it by 1 //else set to 1
if(isset($_SESSION['views']))
$_SESSION['views'] = $_SESSION['views']+ 1;
else
$_SESSION['views'] = 1; echo "views = ". $_SESSION['views']; ?>

Try it

The first time you run this script on a freshly opened browser the if statement will fail because no session variable views would have been stored yet. However, if you were to refresh the page the if statement would be true and the counter would increment by one. Each time you reran this script you would see an increase in view by one.


Ending the session

Although a session's data is temporary and does not require that you explicitly clean after yourself, you may wish to delete some data for your various tasks.

•To prevent security risks due to someone hijacking an old session and to avoid clogging the server with unused sessions, the server will clean up old sessions after a specified timeout period.

 

Session ending is not automatic. However,

Imagine that you were running an online business and a user used your website to buy your goods. The user has just completed a transaction on your website and you now want to remove everything from their shopping cart which has been associated with the session variable 'cart'.

PHP Code to remove session variable

<?php  
session_start();    

//removes session variable cart if it exists
if(isset($_SESSION['cart']))      
   unset($_SESSION['cart']);   

?>  

You can also completely destroy the session entirely by calling the session_destroy function.

PHP Code to end the session

<?php  
session_start();   

//intermediate code
//.....


//ready to destory session
session_destroy();  
?>  

Destroy will reset your session, so don't call that function unless you are entirely comfortable losing all your stored session data!

 

 

© Lynne Grewe