Passing Variables with Sessions
Asession is basically a temporary set of variables that exists only until the browser has shut down (unless
you set this up differently in your php.ini file, which is another story altogether). Examples of session
information include a session ID and whether or not an authorized person has “logged in” to the site. This
information is stored temporarily for your PHP programs to refer back to whenever needed.
Every session is assigned a unique session ID, which keeps all the current information together. Your
session ID can either be passed through the URL or through the use of cookies. Although it is preferable
for security reasons to pass the session ID through a cookie so that it is hidden from the human eye, if
cookies are not enabled, the backup method is through the URL.
This setting is determined in your php.ini file. If you would like to force the user to pass variables
through cookies (instead of allowing a backup plan), you would set the following line in your file:
session.use_only_cookies = 1
To begin a session, use the function session_start(). Because we assume you have register_globals
set to “off,” you should not use the session_register() function you may have seen in other PHP
scripts. Make sure before using sessions that your php.ini file has been modified to show a valid path
in the session.save_path variable, as described in Chapter 1.
First, you need to decide what information will be stored in your session. Anything that has been stored
in a database can be retrieved and stored temporarily along with your session information. Usually, it is
information such as username and login information, but it can also be preferences that have been set at
some point by the user. An SID (session ID) will also be stored in the session array of variables.
No comments:
Post a Comment