Table of Contents
PHP sessions allow you to store temporary information about a user on the server like logged-in state or username. They're similar to cookies except that this data is stored on the server instead of the client.
When a session is created in PHP, a temporary file is created on the server with the information about that session and the values for that session. This makes it so that the data is available to all pages on the site. At the same time, PHP sends the client a cookie containing their session identifier (SID). Now that each user has their own unique SID, when they make any requests to the server, the server can take this SID, map it to the temporary file, and access whatever data we put in to that file.
Because the only thing the client gets is their ID, sessions are much safer than cookies for handling sensitive information, since that sensitive data lives on the server instead of the client.
Starting a PHP Session
To start a PHP session, use the session_start()
function. This function first checks if a session already exists with this user by checking their session identifier. If there is a match, it simply retrieves the information in their temporary file. Otherwise it will initiate a brand new session, generating a new session identifier and sending the cookie to the user.
Here's how to start a session in PHP:
PHP<?php
session_start();
?>
Storing Session Data
Now that we have initiated a session, we can now store data. All session data is available in the superglobal $_SESSION
associative array.
Let's store a username with our session:
PHP<?php
session_start();
$_SESSION['username'] = 'Bob';
?>
It's that simple. We have now stored Bob
as the value with the key username
.
Accessing Session Data
With both a session initiated and some data stored in it, we can now access
that data whenever we want. Here is how easily you can access somebody's username:
PHP<?php
session_start();
$username = $_SESSION['username'];
echo($username);
?>
HTMLBob
How easy was that? You can access session variables in PHP just like you would any associative array. Alternatively, you can choose to check if the session variable exists before trying to work with it, like so:
PHP<?php
session_start();
if (isset($_SESSION['username'])) {
// username exists
} else {
// username does not exist
}
?>
Destroying a Session
You can destroy individual session variables by using the unset()
function. This will remove a single variable from the associative array.
Let's say we wanted to remove the set username:
PHP<?php
session_start();
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
}
?>
First we check that it even exists at all and if so we simply unset the value. However, if you would like to simply destroy the entire session altogether, PHP offers us a specific function for that called session_destroy()
.
Using this function requires no parameters:
PHP<?php
session_start();
session_destroy();
// session is destroyed
?>
Sessions are a powerful way to add awesome functionality to your site including user preferences, settings, usernames, and other useful features!
- How to Install Node on Windows, macOS and Linux
- Managing PHP Dependencies with Composer
- Getting Started with Svelte
- How to Serve Static Files with Nginx and Docker
- How to Set Up Cron Jobs in Linux
- How to deploy a PHP app using Docker
- How to deploy a Node app using Docker
- Getting Started with Sass
- Getting User Location using JavaScript's Geolocation API
- Getting Started with Moment.js
- Creating a Twitter bot with Node.js
- How To Create a Modal Popup Box with CSS and JavaScript