Home » » php Sessions code

php Sessions code

09:37

Php Sessions


Sessions are used to help maintain the values of variables
across multiple web pages. This is done by creating a unique
 session ID that is sent to the client browser. The browser
 then sends the unique ID back on each page request and
 PHP uses the ID to fetch the values of all the variables
associated with this session.


The session ID is sent back and forth in a cookie or in the URL.
By default, PHP tries to use cookies, but if the browser has
disabled cookies.








PHP falls back to putting the ID in the URL. The php.ini directives that affect this are:

session.use_cookies
When on, PHP will try to use cookies

session.use_trans_sid
When on, PHP will add the ID to URLs if cookies are not used

The trans_sid code in PHP is rather interesting. It actually parses the entire HTML file and modifies/mangles every link and form to add the session ID. The url_rewriter.tags php.ini directive can change how the various elements are mangled.

Writing an application that uses sessions is not hard. You start a session using session_start( ), then register the variables you wish to associate with that session. For example:

<?php
  session_start( );
  session_register('foo');
  session_register('bar');

  $foo = "Hello";
  $bar = "World";
?>
If you put the previous example in a file named page1.php and load it in your browser, it sends you a cookie and stores the values of $foo and $bar on the server. If you then load this page2.php page:

<?php
  session_start( );
  echo "foo = $_SESSION[foo]<br />";
  echo "bar = $_SESSION[bar]<br />";
?>
You should see the values of $foo and $bar set in page1.php. Note the use of the $_SESSION superglobal. If you have register_globals on, you would be able to access these as $foo and $bar directly.

You can add complex variables such as arrays and objects to sessions as well. The one caveat with putting an object in a session is that you must load the class definition for that object before you call session_start( ).

A common error people make when using sessions is that they tend to use it as a replacement for authentication -- or sometimes as an add-on to authentication. Authenticating a user once as he first enters your site and then using a session ID to identify that user throughout the rest of the site without further authentication can lead to a lot of problems if another person is somehow able to get the session ID. There are a number of ways to get the session ID:

If you are not using SSL, session IDs may be sniffed

If you don't have proper entropy in your session IDs, they may be guessed

If you are using URL-based session IDs, they may end up in proxy logs

If you are using URL-based session IDs, they may end up bookmarked on publicly-accessible computers
Categories: 
Related Posts:
  • Creating a Php Script to Mail Your Form Php Mail Script According to the form action in simple_form.html, you  need a script called send_simpleform.php. The goal  of this script is to accept the text in  $_POST[sender_name], $_POST[sender_email],… Read More
  • PHPINFO-Displaying information about the PHP environment PHPINFO-Displaying information PHPINFO-about the PHP environment Functions that are built into PHP can be called from any PHP script. When you call functions, you are executing the code inside them, except the code &nbs… Read More
  • PHP File Upload Script PHP File Uploading Code Take a moment to commit the following list to memory— it contains the variables that are automatically placed in the  $_FILES superglobal after a successful file upload.  The base of im… Read More
  • Free php classified script PHP Classified Script | The best classifieds software.Plug and Play. Our theme is plug and play and you dont need any extra plugins or other scripts to run your classified ads website. Also the installation process is .http:… Read More
  • PHP method of securely Tips PHP method of securely website PHP Web security tips Passwords used within your PHP application  should always be encrypted. If the server you are using does not support mcrypt(), use crypt() to encrypt the password… Read More
  • XML in PHP-SimpleXML-DOM-XMLReader There are many ways we can work with XML in PHP, and they’re all useful in different situations. There are three main approaches to choose from and they all have their advantages and disadvantages: 1. SimpleXMLis the most… Read More
  • php Sessions code Php Sessions Sessions are used to help maintain the values of variables across multiple web pages. This is done by creating a unique  session ID that is sent to the client browser. The browser  then sends the … Read More
  • Working with Cookies in PHP Cookies are key/value pairs, that are sent to the browser along with some other information, such as which paths the cookie is valid for and when it expires. Since PHP is designed to solve “the Web problem,” it has some g… Read More
  • Top PHP Interview Questions with Answers For Job   What is PHP?     PHP is a server side scripting language  used for web development applications.     Php is the powerful tool for making dynamic website.     Many … Read More
  • All Operators Of PHP   All PHP Operators  An expression is the basic building block of the language. Anything with a value can be thought of as an expression. Examples include: 5 5+5 $a $a==5 sqrt(9) By combining many of these bas… Read More
  • Top PHP Online Resources Top PHP Online Resources 5 Top excellent PHP online resource  http://www.php.net/ This is perhaps the most useful of the sites listed  in this appendix, simply because this is the site that contains up-to-date … Read More
  • PHP Array Introduction Function Description PHP  Testing Array and sizeof( )<?php$fixture = Array( );// $fixture is expected to be empty.$fixture[] = "element";// $fixture is expected to contain one element.?>A really simple way … Read More
  • Variables in PHP Variables in PHP Variables are used for storing a values, like text strings, numbers or arrays. When a variable is set it can be used over and over again in your script All variables in PHP start with a $ sign symbol. Th… Read More
  • How to Sending Data to a Database php How to Sending Data to a Database php Save Data to a Database by php The process of adding information to a table is similar  to creating the table itself in terms of which functions  you use, but the SQL quer… Read More
  • 555 php Interview Questions What are “GET” and “POST”? What are the advantages of stored procedures, triggers, indexes? PHP? What is LAMP? How to Read an RSS Feed With PHP  What is the maximum length of a table name, database name, … Read More