Welcome to the OzoneAsylum FaqWiki
Server Side Scripting Tutorials
PHP/MySQL Tutorials

Basic PHP Session Tutorial Pages that link to <a href="https://ozoneasylum.com/backlink?for=5739" title="Pages that link to Basic PHP Session Tutorial" rel="nofollow" >Basic PHP Session Tutorial\

Basic Idea:
A session allows you to store information about a current visitor,
without having to pass it from page to page via get or post.
Like wether (and what) user is logged in, and what rights he has.

Simple Usage:
Most of you have a standard 'header' file that you include at the top of every page. Before printing anything, you
should call session_start(). That will generate a random id for your session, which will be stored with a cookie(*) on the users
machine. A session is usually existant about 15 minutes after the last page-load of a user, though this value may have been
changed on your server (in the php.ini, actually).
If session_start() detects that the user already has such an id, it will see if the corresponding session is still existant
(ie. did not time out yet) and restore that.
Once you have a session, you can store just about any php variable in it. The major exclusion are 'resources',
for example the result of mysql_query().... Usually, you wouldn't want to do that anyhow.
To store something in the current session, you would use $_SESSION['aName'] = $myVar;
Get it back by using $_SESSION['aName'], on any page that has called session_start(). That's about it.
Only thing worth mentioning: When you want to store an object in a session, it's class must have been defined before you call session_start().

QuickExample, basic user authentication:

//this must be before any printing is being done, inside or outside of the php tags.

if (isset($HTTP_POST_VARS['user']))
if (doUserAndPasswordMatch($HTTP_POST_VARS['user'],$HTTP_POST_VARS['password']))

if ($myUser = getCurrentUser())
print 'You are logged in'. $myUser;
print 'You are not logged in.<br>';

function printLoginForm() //void
print "<form method=\"post\" enctype=\"multipart/form-data\" action=\"{$_SERVER['PHP_SELF']}\">"; //phpself is the complete url of the current file...
print '<input type="text" name="user" value="">';
print '<input type="password" name="password" value="">';

function getCurrentUser() //string(username), or False
if (isset($_SESSION['username']))
return $_SESSION['username'];
return False;

function loginUser($user) //:void
$_SESSION['username'] = $user;

function doUserAndPasswordMatch($user,$password) //:boolean
//You'd probably replace that with a database lookup...
return ((stringToLower($user) == "shu") && ($password == "sha"));

(*) - There's a setting in php.ini, which if activated, will also transmit the session ID by appending it to post and get requests.
If that's not activated on your server, but you need to send it out,you can get the current session name with session_name()
and the session id with session_id, and send it via post for example with a hidden field: <input type="hidden" name="<?=session_name() ?>" value="<?=session_id() ?>">

Relevant threadss:

Problems with session

Relevant notes:

As of the time of writing this page was ranked number 1 at Google for the terms php session tutorial.


(Added by: Tyberius Prime on Sat 21-Jun-2003)

(Edited by: Tyberius Prime on Sat 21-Jun-2003)

(Edited by: Emperor on Thu 31-Jul-2003)

(Edited by: ahsq81 on Fri 19-Mar-2004)
(Edited by Tyberius Prime on 10-05-2004 13:08)
(Edited by Fikzy on 10-05-2004 18:59)

« BackwardsOnwards »

Show Forum Drop Down Menu