PHP Sessions

Data can be stored and retrieved across multiple web pages using the PHP session mechanism. Simply put, it is a method of creating a temporary storage space for user data that can be accessed as the user browses the site's various pages.

When a user visits a website, the session begins and ends when the user closes the browser or when the session is terminated programmatically. PHP generates a unique session ID during the session, which is used to identify the user's session data.

How to start a session in PHP

To start a session in PHP, use the "session_start()" function. As an example:

<?php
   session_start();
?>

How to destroy a session in PHP

To destroy a session in PHP, use the "session_destroy()" function. As an example:

<?php
   session_destroy();
?>

Destroying a session in PHP deletes all session data associated with the user's session ID. When a session is terminated, all session variables are cleared, and the session cookie is removed from the user's browser. This effectively terminates the user's session, and any session data saved is lost.

Store session data in PHP

In PHP, sessions are server-side variables that let you store information for a specific user across several pages of your website. PHP generates a special session ID for each user who visits your website. This ID is saved in a cookie on the user's computer or, if cookies are not supported, in the URL.

The user's session data on the server is identified by the session ID. As long as the session is active, any information you store in the $_SESSION superglobal variable is linked to the user's session ID and accessible from any page of the website.

Consider the following example demonstrating the storing and retrieving of session data in PHP:

PHP Code
<?php
   session_start();

   // store data in the session
   $_SESSION['username'] = 'codescracker';

   // retrieve data from the session
   $username = $_SESSION['username'];

   echo "Welcome, $username!";
?>
Output
Welcome, codescracker!

This code starts a session using the session_start() function, which creates a new session or resumes an existing one. It then sets the username session variable to the value 'codescracker' using the $_SESSION superglobal array. This means that the value of 'codescracker' is associated with the user's session ID and can be accessed on any subsequent pages of the website. The code then retrieves the value of the username session variable using the $_SESSION superglobal array and stores it in a variable called $username. Finally, it displays a welcome message that includes the value of the $username variable using the echo statement.

Because the session data "codescracker" is stored in the "$_SESSION['username']", you can access it from any page of the website. You only need to start the session and then retrieve the data, as done in the above example.

Authenticate the user using a PHP session

You can also use the session in PHP to authenticate users. As an example:

<?php
   session_start();

   if (isset($_SESSION['username'])) {
      echo "Welcome, " . $_SESSION['username'] . "!";
   } else {
      header('Location: login.php');
      exit;
   }
?>

This code first starts a session using the session_start() function, which creates a new session or resumes an existing one. It then checks if the username session variable is set using the isset() function. If the username session variable is set, it displays a welcome message that includes the value of the username session variable using the echo statement.

The code uses the header() function to direct the user to the login.php page if the username session variable is not set. After the redirect, the script is terminated using the exit statement, which stops the execution of any additional code.

Advantages of sessions in PHP

Disadvantages of sessions in PHP

PHP Online Test


« Previous Tutorial Next Tutorial »


Liked this post? Share it!