HOME
PHP
Introduction
Php Installation
PHP Basic Scripts
PHP variables
PHP operators
PHP Conditional statement
PHP functions
PHP Arrays
PHP Objects & classes
PHP with Forms
PHP Files
PHP With Database
PHP session
PHP cookies
PHP Regular Expressions
PHP Server Environment
PHP Graphics
PHP Advance
|
PHP Session
A PHP session variable is used to store information about, or change settings for a user session. PHP Session variables hold information about one single user, and are available to all pages in one application.
PHP session is the provisions to users of aunique identifier.Session support in PHP consists of a way to preserve certain data across subsequent accesses. This enables you to build more customized applications and increase the appeal of your web site.
A visitor accessing your web site is assigned a unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL.
The session module cannot guarantee that the information you store in a session is only viewed by the user who created the session. You need to take additional measures to actively protect the integrity of the session, depending on the value associated with it.
There are several ways to leak an existing session id to third parties. A leaked session id enables the third party to access all resources which are associated with a specific id. First, URLs carrying session ids. If you link to an external site, the URL including the session id might be stored in the external site's referrer logs. Second, a more active attacker might listen to your network traffic. If it is not encrypted, session ids will flow in plain text over the network. The solution here is to implement SSL on your server and make it mandatory for users. (About SSL Explained in php ecommerce)
Starting a PHP Session
Before you can store user information in your PHP session, you must first start up the session.
Note: The session_start() function must appear BEFORE the tag:
<?php
session_save_path("/home/users/web/b2438/d5.freewebs/phpsessions");
session_start();
// store session data
$_SESSION['views']=1;
?>
<?php
//retrieve session data
echo "Pageviews=". $_SESSION['views'];
?>
example
<?php
session_save_path("/home/users/web/b2438/d5.freewebs/phpsessions");
session_start();
print "<p>welcome ,your session id is ".session_id()."</p>";
?>
you get the output something like this
welcome ,your session id is PHPSESSID=2628864E9216FEE10FCB8A61DB382909
Destroying a Session
If you wish to delete some session data, you can use the unset() or the session_destroy() function.
<?php
unset($_SESSION['views']);
?>
You can also completely destroy the session by calling the session_destroy() function:
<?phpsession_destroy();
?>
| |
|
|