Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Sessions in PHP

session

  • Please log in to reply
8 replies to this topic

#1 Vswe

Vswe

    CC Leader

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1989 posts
  • Programming Language:Java, C#, PHP, Python, JavaScript, PL/SQL, Visual Basic .NET, Lua, ActionScript

Posted 09 November 2009 - 09:15 AM

Sessions is a good way for storing temporary data between your pages. A session is usually closed pretty fast after that the user have left the site so as I said, it's good for temporary storage, an example is the user's name or items the user have put in his/her shopping cart.




Starting a Session

To use a session you first have to start it, the session must be started before anything is sent to the page so you can't have any html tags before you starts the session. To start a new session you do like this:

<?php
session_start();
?>



But since there's no point in starting a session that is already started we can first check if there's any sessions:

<?php 
if(!isset($_SESSION))
{
session_start();
}
?>







Session variables

The data stored in a session is stored in different session variables, to read or write from/to a session variable you use $_SESSION['']; together with the name of the session.


An example on writing:

<?php 
$_SESSION['username'] = "Me";
?>



An example on reading:

<?php 
echo "Hello " . $_SESSION['username'] . "!";
?>



If you want to check if a session variable has been set you only use isset on the session variable, like so:

<?php 
if (isset($_SESSION['username'])) {
echo "The session variable called username as the value " . $_SESSION['username'];
}else{
echo "The session variable called username haven't been set yet.";
}

?>






Remove session variables

You can also delete a session variable and all its info by using unset. Make sure this session variable exists first since there no point trying to remove anything that doesn't exists. Remember that this info will be lost forever. Here comes an example on how you can use unset after you've checked if the session variable exists:


<?php

if (isset($_SESSION['username'])) {
echo "Bye " . $_SESSION['username'];
unset($_SESSION['username']);
}

?>




Destroying your session

If you're completely finished with the whole session you can remove it. This will make all your information disappear so only use it when you don't have any necessary information in it left, also remember to make sure that's the case. Same here, there's no idea to try to delete a session that doesn't exist so before destroying the session (by using session_destroy();) it could be a good idea to check if it exists. Here's how you do it:



<?php 
if(isset($_SESSION))
{
session_destroy();
}
?>




That was everything for this tutorial. If you wonder anything just ask :)
  • 1

#2 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 10 November 2009 - 05:26 AM

You should also regenerate the session ID at each page to prevent session hijacking. Nicely done, +rep!
  • 0

#3 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 13 November 2009 - 08:23 AM

Nice +rep
  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#4 tonymorrison39

tonymorrison39

    CC Newcomer

  • Just Joined
  • PipPip
  • 20 posts

Posted 21 November 2009 - 08:28 AM

thanks i appreciate the info
  • 0

#5 hardinera

hardinera

    CC Regular

  • Just Joined
  • PipPipPip
  • 41 posts

Posted 17 February 2010 - 10:03 PM

i get undefined index when using session >.> whats that?? -.-


i solved the problem lol thanks for the post ^_^

Edited by hardinera, 17 February 2010 - 11:40 PM.
i already solved my problem code

  • 0

#6 Sphexa

Sphexa

    CC Newcomer

  • Just Joined
  • PipPip
  • 19 posts

Posted 01 March 2010 - 11:05 AM

Great tutorial +rep
  • 0

#7 kimjones

kimjones

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 16 March 2010 - 06:12 AM

thank you for providing well detailed tutorials here. I have been trying to learn Php from other sites but this site gives me exactly what I am looking for.

________________________________
DUI Texas
  • 0

#8 SoN9ne

SoN9ne

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 118 posts
  • Programming Language:Java, PHP, JavaScript, Bash
  • Learning:C, Objective-C

Posted 23 March 2010 - 03:22 PM

Great tutorial, I have one suggestion.

For the destroy session it should be (according to php.net):
<?php
if (isset($_SESSION)) {
	// Unset all of the session variables.
	$_SESSION = array();
	
	// If it's desired to kill the session, also delete the session cookie.
	// Note: This will destroy the session, and not just the session data!
	if (ini_get("session.use_cookies")) {
	    $params = session_get_cookie_params();
	    setcookie(session_name(), '', time() - 42000,
	        $params["path"], $params["domain"],
	        $params["secure"], $params["httponly"]
	    );
	}
	
	// Finally, destroy the session.
	session_destroy();	
}
?>

There should be some security measures in place for Sessions but it's still a great start!

Edited by SoN9ne, 06 April 2010 - 11:59 AM.

  • 0

#9 Prog4rammer

Prog4rammer

    CC Newcomer

  • Just Joined
  • PipPip
  • 14 posts

Posted 09 August 2010 - 04:02 AM

nice and Very Simple :)
  • 0





Also tagged with one or more of these keywords: session

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download