When you work with an application, you open it, make some changes, and then close it. This process is similar to a session. The computer keeps track of who you are, when you start the application, and when you end. However, on the internet, the web server doesn’t automatically know who you are or what you’re doing because HTTP is stateless.
Session variables address this issue by storing user information that can be used across multiple pages (e.g., username, favorite color). By default, session variables last until the user closes the browser.
Thus, session variables hold information about a single user and are accessible to all pages within a single application.
| Tip: For permanent storage of data, consider storing it in a database. |
A session begins with the session_start() function.
Session variables are set using the PHP global variable $_SESSION.
Now, let’s create a new page called “demo_session1.php.” In this page, we will start a new PHP session and set some session variables:
| <?php // Start the session session_start(); ?> <!DOCTYPE html> <html> <body> <?php // Set session variables $_SESSION[“favcolor”] = “green”; $_SESSION[“favanimal”] = “cat”; echo “Session variables are set.”; ?> </body> </html> |
| Note: The session_start() function must be the very first thing in your document, even before any HTML tags. |
Next, create another page called “demo_session2.php.” On this page, we will access the session information set on the first page (“demo_session1.php”).
Note that session variables are not passed individually to each new page; instead, they are retrieved from the session that is opened at the beginning of each page using session_start().
Also, be aware that all session variable values are stored in the global $_SESSION variable:
| <?php session_start(); ?> <!DOCTYPE html> <html> <body> <?php // Echo session variables that were set on previous page echo “Favorite color is “ . $_SESSION[“favcolor”] . “.<br>”; echo “Favorite animal is “ . $_SESSION[“favanimal”] . “.”; ?> </body> </html> |
Another way to display all the session variable values for a user session is to run the following code:
| <?php session_start(); ?> <!DOCTYPE html> <html> <body> <?php print_r($_SESSION); ?> </body> </html> |
|
How does it work? How does it know it’s me? Most sessions set a user key on the user’s computer that looks something like this: 765487cf34ert8dede5a562e4f3a7e12. When a session is opened on another page, it scans the computer for this user key. If there is a match, it accesses the corresponding session; if not, it starts a new session. |
To change a session variable, simply overwrite it:
| <?php session_start(); ?> <!DOCTYPE html> <html> <body> <?php // to change a session variable, just overwrite it $_SESSION[“favcolor”] = “yellow”; print_r($_SESSION); ?> </body> </html> |
To remove all global session variables and destroy the session, use session_unset() and session_destroy():
| <?php session_start(); ?> <!DOCTYPE html> <html> <body> <?php // remove all session variables session_unset(); // destroy the session </body> </html> |