Topics

PHP Sessions

This PHP Sessions tutorial will help you learn about how to use sessions. So, let's begin.

 

What are PHP Sessions?

We use sessions to store information accessible across web pages. Unlike cookies, the session is not stored on the browser of the user; therefore, a session is a more secure option.

 

Since HTTP is a stateless protocol, if a user visits a web page and performs some action, there is no way to remember his actions after the user navigates to another web page.

For instance, you use your email address and password to log into your Facebook account; until and unless you logout, the Facebook web application remembers who you are, displays your friend's posts and likes on your News Feed, updating profile, send messages, joining group, etc., this is accomplished by Session.

Any web application creates a session for users when they login to their account. It stores their username or userid or some other unique identifier in the session, then uses it on the consecutive web pages to show information specific to that user. The session is destroyed on logout.

Any size limit does not limit the session; you can store any information in the session, irrespective of its size.

Before we move on to starting, updating, and ending a session in PHP, let's see a few real-world uses of the session.

 

Realworld Use of Session

  • Web applications that require a user to login, use sessions, etc., store user information so that it can display related information to the user on every web page.
  • The shopping cart is generally saved as part of the session on eCommerce websites.

It offers you an idea of how to use sessions in your web application.

 

Start a Session in PHP

In PHP, the session_start() function can be used to we can start a session. The session variable is used to store data; you can use the global variable $_SESSION to assign different values.

In simple words, using the session_start() function, the session is initialized, and in which the information can be stored using the $_SESSION session variable.

Let's consider an example; below; we have a webpage with a Php file named first_page.php

<?php
// start the session
session_start();

// set the session variable
$_SESSION["username"] = "Jarvish";
$_SESSION["userid"] = "1";
?>

<html>
    <body>
    
    <?php
    echo "Session variable is set.";
    ?>
    
    <a href="second_page.php">Go to Second Page</a>
    
    </body>
</html>

Note: The first statement of the page before any HTML tag should be function session_start().

 

Getting PHP Session Variable Values

A session has been started, and two session variables have been set in the code above. The above webpage will also have a link to navigate to the Second-page second_page.php.

Given below is the code for second_page.php, in which the values are fetched from the session variable that is set in the first_page.php.

<?php
// start the session
session_start();

// get the session variable values
$username = $_SESSION["username"];
$userid = $_SESSION["userid"];
?>

<html>
    <body>
    
    <?php
    echo "Username is: ".$username."<br/>";
    echo "User id is: ".$userid;
    ?>
    
    </body>
</html>

Output:

Username is: Jarvish
User id is: 1

 

You must be thinking about the purpose of using session_start() here, though any new values in the session variable were not set.

The new session is initialized using the session_start() function and fetches the ongoing session (if already started). Then, you can use the $_SESSION global variable for either setting new values into the session or getting the saved values.

In case too many values are stored in the session and you don't know which one you want to get, then the code below can be used to print all the current session variable data.

<?php
// start the session
session_start();
?>

<html>
    <body>
    
    <?php
    print_r($_SESSION);
    ?>
    
    </body>
</html>

Output:

Array ( 
[username] => Jarvish,
[userid] => 1
)

 

Update Session Variable in PHP

For updating any value stored in the session variable, you can start the session by calling the session_start() function and then simply overwriting the value to update the session variable.

<?php
// start the session
session_start();

// update the session variable values
$_SESSION["userid"] = "1111";
?>

<html>
    <body>
    
    <?php
    echo "Username is: ".$username."<br/>";
    echo "User id is: ".$userid;
    ?>
    
    </body>
</html>

Output:

Username is: Jarvish
User id is: 1111

Here we updated the value of userid in the session variable from 1 to 1111.

 

Destroy a Session in PHP

For cleaning the session variable or removing all the stored values from the session variable, the function session_unset() can be used, and for destroying the session, the session_destroy() function can be used.

<html>
    <body>
    
    <?php
    // clean the session variable
    session_unset();
    
    // destroy the session
    session_destroy();
    ?>
    
    </body>
</html>

 

These functions are used on pages such as logout or checkout in case of an eCommerce website for cleaning the session variable off the user-specific data and eventually destroying the current session.