PHP Sessions

Posted on Updated on

Image result for PHP Sessions to Store DataHow to Use PHP Sessions to Store Data

The most effective method to Use PHP Sessions to Store Data

In some cases it’s important for you to incidentally store information particular to a specific client while he/she surfs your site. For instance, you might need to store that client’s inclinations or the mystery word showed in a CAPTCHA picture for checking later. PHP sessions furnish you with simply such an office.

What’s the Difference Between Storing Data in Cookies and Session Variables?

On the off chance that you have perused my instructional exercise on How to Create and Use Cookies in PHP, you might ask why you might need to trouble with sessions when you can as of now utilize treats to store little measures of information particular to a specific client.

There are without a doubt various contrasts between the utilization of treats and session information. The accompanying are, to me, the most huge contrast that will influence your decision of which to utilize.

  1. Cookies are returned and put away in the client’s program, session information is put away on your web server.
  1. The life expectancy of a treat can be set to any span of your picking. PHP sessions have a foreordained short life. The correct life expectancy relies on upon how your web have has arranged PHP on your server.
  1. Depending on how your web server is designed, session information is frequently put away in an open impermanent registry on the server. All things considered it is conceivable that different clients on the server might have the capacity to look at the information you store there.

At the point when to Use Sessions Rather than Cookies

The above contrasts influence your decision of whether you ought to utilize treats or sessions to store your information. Take note of that the accompanying rundown is not thorough.

  1. When you require the information put away on the server and not your client’s program.

When you set a treat, the treat is come back to the client and put away in his program. In some cases this is not a smart thought.

For instance, a few sites have a CAPTCHA test on their web remark shapes, where a picture demonstrating a couple of arbitrary letters and numbers is shown and clients should sort in those characters to demonstrate that they are human and not some spam bot (program). With the end goal for this to work, the script producing the picture needs to store the mystery word some place, so that the program doing the checking can confirm the client’s reply.

In such cases, giving back a treat to the client is not a smart thought, since a spam bot, on getting that treat, can discover the mystery word. You can obviously encode your mystery word before putting away it in the treat, yet why trouble when PHP sessions is precisely what you requirement for this reason?

  1. When the information is transient, and important for the present perusing session

Since you don’t know to what extent your session information will be put away, it makes sense that you ought to just utilize sessions when you don’t generally require the information for drawn out stretches of time. Truth be told, the information put away ought to likewise not be especially essential, with the goal that it’s not the finish of world if it’s lost since it lapsed.

  1. When the information does not contain any data that should be safely kept

As specified before, the session information is kept in a transitory registry on your web server. This is typically an openly available organizer that anybody with a record on the PC can read. All things considered, you ought to be cautious what data you store in your session factors. For instance, don’t store charge card numbers, individual particulars, passwords, client names, and things like that in your session factors.

While this point may appear like a disagreement to my prior thing about the CAPTCHA mystery word, it truly is definitely not. Consider it. The CAPTCHA mystery word is only an unrefined gadget to recognize the spam bots from the people. It’s not by any means a mystery – you even show the word in the client’s program on display. It doesn’t generally make a difference on the off chance that somebody on a similar web server as you happens to see the mystery word as of now being utilized. There’s very little that individual can do with it, and regardless of the possibility that it’s conceivable, so what? Even under the least favorable conditions, you get a couple of additional spam messages to erase.

Balance that with putting away your clients’ Visa numbers or passwords. In the event that these are bargained, you will have a major issue staring you in the face. 

How to Use Sessions in Your PHP Scripts

To use sessions in your script you need to do the following.

  1. Starting a Session

At the beginning of your script, make a call to the session_start() function. This call should be in every script that needs to utilise the session data. For example, if you have a script that creates a CAPTCHA image and needs to store the secret word for the session, you will need to put session_start() at the beginning of the script. If you have another script that takes the user input for the form and checks the secret word entered by the user against what you stored earlier, you will also need to put session_start() in that script.

The function session_start() takes no parameters. It always returns TRUE, so you don’t have to bother to check its return value.

When session_start() is first called, PHP sets a cookie (yes, a cookie) in your visitor’s browser, containing a session identifier (“session ID”). It also creates a session data file to store variables related to that particular session. If the same script, or another script on your site, calls session_start() later, the PHP interpreter will receive the session ID cookie from the browser and load the variables from the session data file it created earlier.

Important: since session_start() sets a cookie via the HTTP cookie header, you must call it before you output anything from your script. It’s best to simply call it at the beginning of your script.

  1. Storing and Accessing Variables

To store variables relevant to the session, assign what you want to a member of the $_SESSION array. For example, the following snippet assigns “ABC123” to $_SESSION[“secretword”] and a colour to $_SESSION[“theme”]:

$_SESSION[“secretword”] = “ABC123” ;
$_SESSION[“theme”] = “purple” ;

You can assign as many variables as you wish.

To access those variables, simply reference it as you would any PHP array. For example:

$captcha = $_POST[“captcha”] ;
$secretword = $_SESSION[“secretword”] ;

if (strcmp( $captcha, $secretword )) {
// it’s a bot
else {
// matched — it’s a human

The above code retrieves the contents of the “secretword” session data and stores it in $secretword. It also retrieves the value returned by a form’s “captcha” field and stores it in $captcha. The function strcmp() is then used to compare the contents of the two variables.

  1. Ending a Session

Ending a session is not as easy as starting one, since there is no simple function to cleanly end it. If you really need a way to end a session yourself (other than by the user simply quitting his/her browser), PHP provides the session_destroy() to destroy the data associated with a session. However, this in itself does not clean up everything. For example, the session cookie is not unset. The $_SESSION array is also still available until your script ends.

To remove the cookie, manually delete it using the usual method one uses to delete a cookie in PHP. To get the name of the cookie to delete, call the session_name() function, which returns a string that is also the name of the cookie set by the PHP session handler.

For more details and queries please feel free to email, visit or call us. Wishing you the very best for all your future endeavors.

Helpline: 9814666333, 8699444666


Please fill the FORM and we shall contact you soon.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s