PHP Sessions

PHP session is a consistent way of preserve certain data before serving output to the page, which is used to access data on across pages.

When a website visitor visits a website, This website allocates a unique id to this user. Which is called session id. It either stores in a cookie or is propagated in the URL on the user side.

When a user allocates a session id, This session-id also stores in HTTP request variable $_SESSION superglobal array.

 

How session works

• When a visitor accesses your site, PHP will check automatically (if session.auto_start is set to 1) or on your request (explicitly through session_start()).

• whether a specific session id has been sent with the request.

• If this is the case, the prior saved environment is recreated.

• When a session is started, PHP will either retrieve an existing session using the ID passed (usually from a session cookie) or if no session is passed it will create a new session.

• PHP will populate the $_SESSION superglobal with any session data after the session has started.

• When PHP shuts down, it will automatically take the contents of the $_SESSION superglobal, serialize it, and send it for storage using the session save handler.

 

Requirements

No external libraries are needed to build this extension.

 

Installation

Session support is enabled in PHP by default. If you would not like to build your PHP with session support, you should specify the --disable-session option to configure. To use shared memory allocation (mm) for session storage configure PHP --with-mm[=DIR].

The Windows version of PHP has built-in support for this extension. You do not need to load any additional extensions in order to use these functions.

 

Runtime Configuration

The behavior of these functions is affected by settings in php.ini.

 

Session configuration options

Resource Types

This extension has no resource types defined.

 

Predefined Constants

• SID -- Constant containing either the session name and session ID in the form of "name=ID" or empty string if session ID was set in an appropriate session cookie. This is the same id as the one returned by session_id().

• PHP_SESSION_DISABLED -- Since PHP 5.4.0. Return value of session_status() if sessions are disabled.

• PHP_SESSION_NONE -- Since PHP 5.4.0. Return value of session_status() if sessions are enabled, but no session exists.

• PHP_SESSION_ACTIVE -- Since PHP 5.4.0. Return value of session_status() if sessions are enabled, and a session exists.

 

Session are a simplest path to store individual user’s information against a unique session id. Session id sents to the browser via session cookies, session id is used to retrieve session data.

 

How to create a session with session variable

session_start();

$_SESSION['name'] = 'David joy';

Counting attempt of sessions during access of web access

session_start();

$_SESSION['count'] = 0;

if( ! isset( $_SESSION['count'] ) )
{
  $_SESSION['count'] = 0;
}
else
{
  $_SESSION['count']++;
}

// this code return no. of session attempt during web access

How to unset a specific session variable

session_start();

$_SESSION['name'] = 'David joy';

unset( $_SESSION['name'] ); // this will unset session variable named - 'name'

How to completely unset & destroy session

session_unset(); // it will unset all created session variables
session_destroy(); // it will destroy session completely

How to pass a session id between remote browser [client] and servers

PHP uses two methods to propagate a session id:

• Cookies

• URL parameter

 

In previous example cookie method used to passing session id.

 

Example of passing session id via URL parameters:

session_start();

if (empty($_SESSION['count'])) {
   $_SESSION['count'] = 1;
} else {
   $_SESSION['count']++;
}

 

 

Session functions

• session_abort — Discard session array changes and finish session
• session_cache_expire — Return current cache expire
• session_cache_limiter — Get and/or set the current cache limiter
• session_commit — Alias of session_write_close
• session_create_id — Create new session id
• session_decode — Decodes session data from a session encoded string
• session_destroy — Destroys all data registered to a session
• session_encode — Encodes the current session data as a session encoded string
• session_gc — Perform session data garbage collection
• session_get_cookie_params — Get the session cookie parameters
• session_id — Get and/or set the current session id
• session_is_registered — Find out whether a global variable is registered in a session
• session_module_name — Get and/or set the current session module
• session_name — Get and/or set the current session name
• session_regenerate_id — Update the current session id with a newly generated one
• session_register_shutdown — Session shutdown function
• session_register — Register one or more global variables with the current session
• session_reset — Re-initialize session array with original values
• session_save_path — Get and/or set the current session save path
• session_set_cookie_params — Set the session cookie parameters
• session_set_save_handler — Sets user-level session storage functions
• session_start — Start new or resume existing session
• session_status — Returns the current session status
• session_unregister — Unregister a global variable from the current session
• session_unset — Free all session variables
• session_write_close — Write session data and end session

Note : - There are provided PHP’s predefined session’s classes with it’s in-built functions

SessionHandler

SessionHandlerInterface

SessionIdInterface

SessionUpdateTimestampHandlerInterface