PHP Sessions

Session handling is a key concept in PHP that enables user information to be persisted across all the pages of a website or app. In  other words . An alternative way to make data accessible across the various pages of an entire website is to use a PHP Session.

A session creates a file in a temporary directory on the server where registered session variables and their values are stored. This data will be available to all pages on the site during that visit.

The location of the temporary file is determined by a setting in the php.ini file called session.save_path. Before using any session variable make sure you have setup this path.

When a session is started following things happen .

PHP first creates a unique identifier for that particular session which is a random string of 32 hexadecimal numbers such as 3c7foj34c3jj973hjkop2fc937e3443.

A cookie called PHPSESSID is automatically sent to the user's computer to store unique session identification string.

A file is automatically created on the server in the designated temporary directory and bears the name of the unique identifier prefixed by sess_  ie sess_3c7foj34c3jj973hjkop2fc937e3443.

When a PHP script wants to retrieve the value from a session variable, PHP automatically gets the unique session identifier string from the PHPSESSID cookie and then looks in its temporary directory for the file bearing that name and a validation can be done by comparing both values.

A session ends when the user loses the browser or after leaving the site, the server will terminate the session after a predetermined period of time, commonly 30 minutes duration.

Starting a PHP Session

 The first step is to start up a session. After a session is started, session variables can be created to store information. The PHP session_start() function is used to begin a new session.It als creates a new session ID for the user. Below is the PHP code to start a new session.

<?php

session_start();

?>

Storing Session Data

Session data in key-value pairs using the $_SESSION[] superglobal array.The stored data can be accessed during lifetime of a session.

Below is the PHP code to store a session with two session variables Rollnumber and Name.

<?php

session_start();

$_SESSION["Rollnumber"] = "11";

$_SESSION["Name"] = "Ajay";

?>

Accessing Session Data

Data stored in sessions can be easily accessed by firstly calling session_start() and then by passing the corresponding key to the $_SESSION associative array.

The PHP code to access a session data with two session variables Rollnumber and Name is shown below.

<?php

session_start();

echo 'The Name of the student is :' . $_SESSION["Name"] . '<br>';

echo 'The Roll number of the student is :' . $_SESSION["Rollnumber"] . '<br>';

?>

Output - 

The Name of the student is :Ajay 

The Roll number of the student is :11

Destroying Certain Session Data

To delete only a certain session data,the unset feature can be used with the corresponding session variable in the $_SESSION associative array.

The PHP code to unset only the “Rollnumber” session variable from the associative session array.

<?php

session_start();

if(isset($_SESSION["Name"])){

unset($_SESSION["Rollnumber"]);

}

?>

Destroying Complete Session

The session_destroy() function is used to completely destroy a session. The session_destroy() function does not require any argument.

<?php

session_start();

session_destroy();

?>

Key Points

The session IDs are randomly generated by the PHP engine .

The session data is stored on the server therefore it doesn’t have to be sent with every browser request.

The session_start() function needs to be called at the beginning of the page, before any output is generated by the script in the browser.