What is session?
In php, session is a global variable used store some information about website visitors. With the help of this stored information inside a variable, a user is identified across multiple pages within a website. The session remains valid till the browser is running. Once user closes the browser all user information stored in variable along with the session is destroyed.
Before using the session variable in a website page, we need to start the session in that page. Though, session variable is global but we need to start session for each pages where we look to use session variable.
How php session works
When a session is started, a session id named PHPSESSIDis created by the server automatically. It is sent to the client machine via session cookies. PHPSESSID is stored in the browser as a cookies and in all subsequent visits to the server, it is used to identify the client. But, it is stored there till the session is valid once browser is closed PHPSESSID deleted automatically. If client revisits the server a new PHPSESSID is created.
Recommended Read,
How to store OTP in in php session variable
Why do we need session?
HTTP is a stateless protocol. So, it sees all requests from the single client to the same server as a diffrent request. A server is accessed by http address only and since, HTTP does not store user state, a server can not guess in any way how many pages did user visited, or how much time did he spent in the website. So in order to identify a specific user across multiple pages, server employs a mechanism called session.
How session is started in php?
<?php session_start(); ?>
How session variable created?
<?php $_SESSION['variable'] = value; ?>
Always start a session before using session variable.
Destroy a PHP Session
To remove a global session variable use,
session_unset().
And to destroy complete session , try session_destroy()
.
Implement a login system in php using session
if(isset($_SESSION['username'])){
header("location:welcome-home.php");
die();
}else{
header("location:login.php");
}
The isset()
function checks whether 'username' session variable is set or not, if it is set, user is redirected to home page otherwise,
a login screen is presented in front of user.
Also read,
Implement Login form in php
Logout system in php
<?php
session_start();
if(session_destroy()) {
header("Location: index.php");
}
?>
Auto start a session
If we need session throughout the complete website that is in all pages or in a app, we can use php's autostart session features.
By this feature, session wil be automatically started for each pages.
To achieve this we need to the set the session.auto_start = 1
in the php configuration file php.ini
If you do not have access to the php.ini file, and you're using the Apache web server, you could also set this variable using the .htaccess file.
php_value session.auto_start 1
For full php.ini configuration, read this , How to configure php.ini configuration file
Set user defined Session ID
<?php
session_id(user-defined-session-id);
session_start();
?>
Remember, you need to set the session id before starting the session. Otherwise, user defined session id will not come into effect.
If you like this article, share with your friends. It will inspire me to write more.
Published on Nov 4, 2020