Table of Contents
PHP sessions allow you to store temporary information about a user on the server like logged-in state or username. They're similar to cookies except that this data is stored on the server instead of the client.
When a session is created in PHP, a temporary file is created on the server with the information about that session and the values for that session. This makes it so that the data is available to all pages on the site. At the same time, PHP sends the client a cookie containing their session identifier (SID). Now that each user has their own unique SID, when they make any requests to the server, the server can take this SID, map it to the temporary file, and access whatever data we put in to that file.
Because the only thing the client gets is their ID, sessions are much safer than cookies for handling sensitive information, since that sensitive data lives on the server instead of the client.
Starting a PHP Session
To start a PHP session, use the session_start() function. This function first checks if a session already exists with this user by checking their session identifier. If there is a match, it simply retrieves the information in their temporary file. Otherwise it will initiate a brand new session, generating a new session identifier and sending the cookie to the user.
Here's how to start a session in PHP:
PHP<?php
session_start();
?>
Storing Session Data
Now that we have initiated a session, we can now store data. All session data is available in the superglobal $_SESSION associative array.
Let's store a username with our session:
PHP<?php
session_start();
$_SESSION['username'] = 'Bob';
?>
It's that simple. We have now stored Bob as the value with the key username.
Accessing Session Data
With both a session initiated and some data stored in it, we can now access that data whenever we want. Here is how easily you can access somebody's username:
PHP<?php
session_start();
$username = $_SESSION['username'];
echo($username);
?>
HTMLBob
How easy was that? You can access session variables in PHP just like you would any associative array. Alternatively, you can choose to check if the session variable exists before trying to work with it, like so:
PHP<?php
session_start();
if (isset($_SESSION['username'])) {
// username exists
} else {
// username does not exist
}
?>
Destroying a Session
You can destroy individual session variables by using the unset() function. This will remove a single variable from the associative array.
Let's say we wanted to remove the set username:
PHP<?php
session_start();
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
}
?>
First we check that it even exists at all and if so we simply unset the value. However, if you would like to simply destroy the entire session altogether, PHP offers us a specific function for that called session_destroy().
Using this function requires no parameters:
PHP<?php
session_start();
session_destroy();
// session is destroyed
?>
Sessions are a powerful way to add awesome functionality to your site including user preferences, settings, usernames, and other useful features!
Managing PHP Dependencies with Composer
Getting Started with Express
How to build a Discord bot using TypeScript
How to deploy a Deno app using Docker
How to deploy a Node app using Docker
Learn how to use v-model with a custom Vue component
Learn how to build a Slack Bot using Node.js
Building a Real-Time Note-Taking App with Vue and Firebase
Getting Started with React
Setting Up a Local Web Server using Node.js
Using Axios to Pull Data from a REST API
How To Create a Modal Popup Box with CSS and JavaScript