Session Handling in PHP

by Vishal Suryawanshi On

What is session ?

A normal HTML website will not pass data from one page to another. In other words, all information is forgotten when a new page is loaded. A PHP session solves this problem by allowing you to store user information on the server for later use (i.e. username, Password). However, this session information is temporary and is usually deleted very quickly after the user has left the website that uses sessions. Session handling is a key concept in PHP that enables user information to be persisted across all the pages of a website or app. A PHP session is used to store data on a server rather than the computer of the user.

Starting a PHP session

Before you can begin storing user information in your PHP session, you must first start the session. When you start a session, it must be at the very beginning of your code, before any HTML or text is sent.

<?php
session_start(); // start up your PHP session
?>

Storing a session data

When you want to store user data in a session use the $_SESSION associative array. This is where you both store and retrieve session data.

<?php
session_start(); 
$_SESSION['name'] = "xyz"; // store session data
echo "Name = ". $_SESSION['name']; //retrieve data
?>

Output

Name= xyz

php sessions: using php’s isset function

explore some of the real functionality of sessions. When you create a variable and store it in a session, you probably want to use it in the future. However, before you use a session variable it is necessary that you check to see if it exists already. This is where PHP’s isset function comes in handy. isset is a function that takes any variable you want to use and checks to see if it has been set. That is, it has already been assigned a value.

<?php
session_start(); 
if(isset($_SESSION['name']))
echo "Name = ". $_SESSION['name'];
else
$_SESSION['name'] = "xyz";
?>

Cleaning and Distroying your session

Although a session’s data is temporary and does not require that you explicitly clean after yourself, you may wish to delete some data for your various tasks.

Cleaning your session

<?php
session_start(); 
if(isset($_SESSION['cart']))
unset($_SESSION['cart']); 
?>

Distroying your session

You can also completely destroy the session entirely by calling the session_destroy function.

<?php
session_start(); 
session_destroy();
?>

PHP login with session

Login.php

<html>
<head>
<title>Login Form</title>
</head>
<body>
<h2>Login Form</h2>
<form method="post" action="checklogin.php">
USER ID: <input type="text" name="uid"/><br>
PASSWORD: <input type="password" name="pw"/><br>
<input type="submit" value="Login"/>
</form>
</body>
</html>

checklogin.php

<?php 
session_start();
$uid = $_POST['uid']; 
$pw = $_POST['pw'];
if($uid == 'arun' and $pw == 'arun123')
{ 
$_SESSION['sid'] = '$uid'; # need to set user id instead of session_id()
if (isset($_SESSION['sid'])) {
header('Location: welcome.php');
}
else
{
echo "Error";
}
}
?>

welcome.php

<?php 
session_start();
if(isset($_SESSION['sid']))
{
echo "welcome to you<br>";
echo "<a href='logout.php'>Logout</a>";
}
else
{
header('Location: login.php');
}
?>

logout.php

<?php

session_start();
if(!session_destroy())
{
echo "Failed to log out";
}
else
{
echo "Logged out successfully";
}
?>

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.