Sunday, May 9, 2010

Starting , storing and destroying Session Variables in PHP

Sessions are used in PHP in various types of applications to pass data and maintain state of the user. If you are using any membership system where user has to login then after verification we have to keep the login status throughout, so we can maintain the authenticity. To do this we have to use session variables as we will store the userid inside this. Similarly for a shopping cart script we have to store the selected items of the user in session variable and display it to the visitor when required. Sessions are the unique link between the user and the server so all actions of the user can be personalized to the user and handled by the server.

We will study how to start a session, how to store variables in a session, how to destroy a session and other related functions for session handling with examples.

Here in many scripts we have used sessions and you can use them as an example. Member signup and login script uses them very often. You can download different scripts and read the code to understand how the sessions are used.

Please note that session are handled differently in PHP 5 and above so we will stick to this version only. If you are using PHP 4 then there is small difference in functions ( or syntax ) but the basic concept remains same.

Starting a session

We have verified that user entered login id and password is matching so we will give access by keeping the user id in session variable. Here is the code.

session_start();
$_SESSION['userid']=$userid;

Note that first line session_start(); this line has to be at the top of your page or this function is to be used before we send any data to the browser. The second line actually stores the data to the session variable, this can be any where within the page. The variable $userid stores the user id ( say bigstar ) now the same value is available in our session. Now let us see how to display or use this session variable.

Displaying or using a session variable

As the member has logged, its user id we can display by showing a welcome message. Here is an example.

echo “Welcome $_SESSION[userid]”;

Note that we must use the function session_start() at the starting of the page ( before sending any output to browser ) to use any session variables. We can check the existence of session with userid at every page level which are supposed to be used by logged in members.

if(!isset($_SESSION['userid'])){
echo "Sorry, Please login and use this page";
exit;
}

As you can see we have used isset function to check the presence of session variable storing userid. If the variable does not exist then we are displaying a message asking the user to login and then terminating the script by using exit command. This part of the script you can see in detail at our login and logout script.

Displaying all the session variable.

We can store different data in session variables. In our example we have used only one ( that is $_SESSION[userid] ) but we can store other data also. Let us add name to the session variable like this.

$_SESSION['name']="Ronny";

Now we can display all the elements of the session array and see what are the session variables created and what data they store.

while (list ($key, $val) = each ($_SESSION)) {
echo "$key -> $val
";
}

you will get a list like this.

userid -> plus2net
name -> Ronny

Destroying the session

To destroy or delete the sessions we can use these two commands. It is advisable to use these commands in this sequence to destroy remove sessions in PHP.

session_unset();
session_destroy();

Important : Don't forget to give session_start() command at the staring of the page.
You can test all the above code to learn and understand how the session works by running these sample codes at your system. Open the index.php file and rest you can easily understand.

No comments: