Home >> FAQs/Tutorials >> PHP Script Tutorials and Tips >> Index

PHP Script Tips - Understanding and Using Sessions

By: FYICenter.com

Part:   1  2   3  4  5 

(Continued from previous part...)

What Is a Session ID?

A session ID is an identification string of a session. Since there might be multiple visitors coming to your Web site at the same time, the PHP engine needs to maintain multiple sessions concurrently. Session IDs are created and maintained by the PHP engine to identify sessions.

When a visitor comes to your Web site requesting the first PHP page for the first time, the PHP engine will create a new session and assign a unique session ID to this new session. The first PHP page can set some values to the session. When the same visitor clicks a hyper link requesting the second PHP page, the PHP engine will use the same session ID to find the same session created for the first page and give it to the second page. No new session will be created for the second page.

How To Retrieve the Session ID of the Current Session?

Normally, you don't need to know the session ID of the current session. But if you are interested to know the session ID created by the PHP engine, there are two ways to get it:

  • Calling session() function. It will return the session ID value.
  • Using built-in constant SID. It will contains a string of session ID name and value.

The tutorial PHP script below shows you how to retrieve the session ID in two ways:

<?php
  session_start();
  print("<html><pre>");

  $sid = session_id();
  print("Session ID returned by session_id(): ".$sid."\n");
  $sid = SID;
  print("Session ID returned by SID: ".$sid."\n");

  $myLogin = $_SESSION["MyLogin"];
  print("Value of MyLogin has been retrieved: ".$myLogin."\n");
  $myColor = $_SESSION["MyColor"];
  print("Value of MyColor has been retrieved: ".$myColor."\n");

  print("</pre></html>\n");
?>

You need to save this script to your Web server as next_page.php. Now visit first_page.php and click the "Next Page" hyper like, you will get something like this:

Session ID returned by session_id(): rfnq17ui6c7g6pjbtc46n0vi97
Session ID returned by SID: PHPSESSID=rfnq17ui6c7g6pjbtc46n0vi97
Value of MyLogin has been retrieved: FYICenter
Value of MyColor has been retrieved: Blue

Now you know that the session ID created by the PHP engine is 26 characters long with alphanumeric characters only.

What Are the Options to Transfer Session IDs?

Once a new session is created, its session ID must be transferred to the client browser and included in the next client request, so that the PHP engine can find the same session created by the same visitor. The PHP engine has two options to transfer the session ID to the client browser:

  • As URL parameter - The Session ID will be embedded in all URLs in the HTML document delivered to the client browser. When the visitor clicks any of those URLs, the session ID will be returned back to the Web server as part of the requesting URL.
  • As a cookie - The session ID will be delivered as a cookie to the client browser. When visitor requests any other pages on the Web server, the session ID will be returned back to the Web server also as a cookie.

The PHP engine is configured to use URL parameters for transferring session IDs by default.

How Session IDs Are Transferred on Your Web Server?

As you know there are two options the PHP engine can use to transfer session IDs to the client browsers. But how to do know which option is your PHP engine is using? The PHP sample script will help you to find out:

<?php
  session_start();
  print("<html><pre>");

  $queryString = $_SERVER["QUERY_STRING"];
  print("Query string of the incoming URL: ".$queryString."\n");

  print("Cookies received:\n");
  foreach ($_COOKIE as $name => $value) {
     print "  $name = $value\n";
  }

  $myLogin = $_SESSION["MyLogin"];
  print("Value of MyLogin has been retrieved: ".$myLogin."\n");
  $myColor = $_SESSION["MyColor"];
  print("Value of MyColor has been retrieved: ".$myColor."\n");

  print("</pre></html>\n");
?>

You need to save this script to your Web server as next_page.php. Now visit first_page.php and click the "Next Page" hyper like, you will get something like this:

Query string of the incoming URL: PHPSESSID=meml483hk4dvm1n2ii8k9hvjj1
Cookies received:
Value of MyLogin has been retrieved: FYICenter
Value of MyColor has been retrieved: Blue

Base on the output, your PHP engine is using URL parameters to transfer session IDs, because you can see the session ID parameter in the query string of the incoming URL, and there is no cookies related to session ID.

(Continued on next part...)

Part:   1  2   3  4  5 


Selected Developer Jobs:

More...