PHP Tutorials: Sessions

What is Session?

Have you ever wonder, how Facebook, instgram or any other website remember your name or other information when you refresh the page or come back to the page after some time? How they know your name in every page you access or go to? The Superhero behind all the frames is Sessions. Sessions is one of the most powerful and important part of any Web application or you say website. When it comes to store the data temporarily, the session is used to do that. Although there is already a technique called Cookies available. But Session have it’s own advantages over Cookies.

#1: First and main advantage of Sessions over Cookies is it’s storage, the Cookies are stored in the system memory and can be altered by the attackers and the data can be manipulated. Of course, once you data is manipulated your web application will break or will compromise the security. But the data stored in Session can’t be accessed because it get stored in Web Server.

#2: Second advantage of Sessions over Cookies is it’s size while browsing to a URL. Every time a url is opened the web browser send Cookies to the server. If you have more cookies stored in the browser, the website will take more time to load. Say if you have 50KB of cookies stored then it will take 50KB of data to load the cookies with every call to the page. But in case of Session the website and server sync using a Session id. The Session id helps server to recognize the system and validate the call.

The most important thing is, the Session ID is generated randomly. An attacker can’t predict the name of the Session variable and it become impossible to guess the ID/name. Almost 100% of the modern websites are using Sessions due to security.

How to start Sessions?

I hope that’s enough information about Sessions. Now, you might be wondering how to start a Session. Believe me, starting a Session is not a rocket science and it’s not a very long syntax or a 100 line of code to remember which you need to keep in a safe place of your hard disk. It’s a single line code.

<?php
      //Starting Session
      session_start();
?>

Wasn’t that so quick and easy. The function session_start() will do everything for you.

How to use or store data in Sessions?

Now we know, what is Session and how to start a Session but are we done here. Absolutely not! Now we need to learn a lot of things while working with Session. I am joking. There is nothing complicated about Sessions either it’s storing the data, access the data or deleting a Session data. If you know about Associative array of PHP then you are already 95% done with every thing. Session store the data in Key-Value pairs with $_SESSION a predefined array. Lets have a look

<?php
     //Starting Session
     session_start();
     //Store name
     $_SESSION['firstname'] = "Lakshmi";
     $_SESSION['lastname'] = "Guleria";
?>

This easy chunk of code will store the First name and last name with key-value pairs. It’s it more easy more than anything. Let us move further.

How to Accessing data in Sessions?

Earlier we learned how to store data with the help of Key-value pairs in $_SESSION variable. Now, what is the purpose of the data which we can’t access. Of course Sessions has a method to access the data which you stored in the previous topic. As I already mentioned, if you know PHP associative array then you are already 95% done with Sessions. Lets have a look how to access the previously stored data in $_SESSION.

<?php
     //Starting Session
     session_start();
     //Store name
     echo "Hi Guys! My name is ".$_SESSION['firstname']." ".$_SESSION['lastname'].".";
?>

Output of the above code will be

Hi Guys! My name is Lakshmi Guleria.

How to Destroy Session data?

Now we know almost everything about Sessions. Although, Sessions are safe and secure but we still need to clear/destroy the data we stored in Sessions. If I tell you one more time that if you know Associative array then you are already “Master”.

There are 2 ways to destroy the Session data. The first is to just remove a single value from the Session variable and another is to clear whatever is in the Sessions.

Method #1 Remove only 1 key from the $_SESSION variable.

<?php
     //Starting Session
     session_start();
     //Unset one key
     if( isset($_SESSION['firstname']) ){
          unset($_SESSION['firstname']);
     }
?>

Method #2 Clear everything from $_SESSION

<?php
     //Starting Session
     session_start();
     //Unset one key
     session_destroy();
?>

One thought on “PHP Tutorials: Sessions

  • August 11, 2019 at 5:07 am
    Permalink

    I think this is among the most significant info for me. And i’m glad reading your article. But wanna remark on some general things, The site style is perfect, the articles is really excellent : D. Good job, cheers

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *