ru en uk

  sing in

(044) 362 48 16   (098) 294 41 60


Home   |   WEB development   |   Articles   |   Programming in PHP

What is a session and what they need?

Let's imagine this situation: you have a certain number of pages, entry to which you want to restrict the password. We have a form in which we enter the username and password on the next page, we check the data in the ; correct , if the username and password are correct, then display the contents of the page.
All would be nothing but zaparolenyh we have a few pages, and login with the password should be checked for each. Here arises the need for the transfer of data between pages. Of course, could be transferredup username and password using GET (, but for several reasons, so do not (see all of the password). But imagine a case where you want to transfer from skriPTA script (from page to page) the large amount of information ... And then there is the thought: it was good to be able to send us the correct data from one script to another when viewing the site without the direct transfer of data from server to browser and back. Thus, wethemselves to match the principle of the sessions.

As arranged session?

Sessions - a mechanism established for temporary storage and transfer of information between the scripts in one site.

Sessions include the possibility of creating a Propertygovernmental methods of information processing, therefore, in principle, you can use the session and when working with multiple sites or even multiple servers. This means we will not be here, because these techniques go beyond the standard programming in PHP and requires the programminghundred deep knowledge not only PHP, but also knowledge of network protocols, architecture of servers, and so on.

Sessions from the perspective of a programmer
To start a session mechanism in the script (create a session), you must use the session_start (). This function should be in your script before the script begins to output (why - explain below). After creating the session, we get access to superglobal arrays $ _SESSION, which has useful properties. Thus, placed in it will be available to us at any UKripte in any function of the site during a conversation with. The session is terminated when the user closes the browser or after a certain time in which the user is not committed to website. This time is determined by the option session.gc_maxlifetime in php.ini file anddetermines the time after which the session file will be considered as outdated.

There is also an array of $ HTTP_SESSION_VARS, which can be used when working with sessions. But this is not an array superglobal, plus his name has more letters, and thus need to spendmore time to his writing. In general, the use of this array, I do not recommend.

A closer look at the mechanism of the sessions
Data from the script to the script according to the mechanism of the sessions consists of creating a file, write data to a file, open the file htenii data and so on. So, initially, this mechanism is based on the files. As already mentioned, if necessary, the data session can be stored in a database or simply stored in memory. To do this, use the session_set_save_handler () and / or option in the file php.ini session.save_handler
Session identifier.
At the start of the session creates a special file, which stores data transmitted through the session. To identify the particular session, the user uses a so-called session ID. ID is a 128 bit number of type 523afa15f4a8e05e95241481c0cbc71e, which at the start of the sessions chosen at random. As a result, we have a file with a name which has a unique ID equal to the session ID.

The transfer of session
There are twobenefit transfer of session data between server and browser:
As a parameter in the URL

The use of cookies - unless the user has cookies included PHP processor himself puts it with the value of the variable identifier, and at the right time reading it from there,which included the client cookies or not - php defines himself.

What is a cookie?
Cookie is a small piece of information that the server sends the client. The client (browser) to store this information and pass it to each server formillet, as part of HTTP header. Some cookie is stored only for one session, they will be deleted after closing the browser. Others set for a certain period of time, data is written to a file. Usually this file is called 'cookie.txt'.

Using parametrov - the method used by PHP if cookies are disabled. The essence of the method that analyzes the entire PHP processor code intended for display in a browser, and makes avtozamenu all references in such a way that the session ID is transmitted to the next page throughlaws of GET or POST.

Examples AutoCorrect:

ID to the processing php-processor:

<a href=page.php> link </ a>

Code after processing php-processor:

<a href=page.php?PHPSESSID=523afa15f4a8e05e95241481c0cbc71e> link </ a>

Code to the form processing php-processor:

<form action = page.p
</ form>

Code after processing the form php-processor:

<form action=page.php>
<input type = "hidden" name = "PHPSESSID" value = "523af
a15f4a8e05e95241481c0cbc71e ">
</ form>


So summarize the above. We have the data to be used on multiple pages, for each client for storing these data highlightyaetsya memory space with a unique identifier; PHP sends the fingerprint of the script to the script, thereby opening up access to dedicated to the memory of the client's site. All these actions are performed automatically PHP-processor, but from the programmer is required only to give the commandto run sessions.
For example, all of this we see that the session - this is a very convenient and flexible mechanism for identifying client requests.

Frequently used settings and functions for the sessions

session_start (); - starts furanizm sessions for the current script.

If you want your script worked, regardless of register_globals, you need to use the $ _SESSION array as the data that are in this array are automatically recorded. If you wa sh script uses session_register (), it will not work in environments where the PHP register_globals directive is off.

We recommend that you use this design for the registration of the variables in sesii

$ _SESSION [ 'Name'] = "Basil";

session_destroy (); - destroyed data stored in the session, the session file and the id.

session_name (); - this function returns the name of the variablewhich is used for the storage of session data.

session_id (); - is the identifier of the session. - setting in php.ini setting the variable name for storing the session identifier, the default value - PHPSESSID.

session.auto_start - setting enables / disables the automatic start of the sessions. If the value of the parameter - 1, then the session to start automatically and to use session_start () is not necessary if the value - 0, the session will not startautomatically. The default value of 0.

session.use_cookies - PHP parameter indicates whether the processor to use cookies to store the ID or not. By default, PHP-processor is allowed to use cookies to store session ID, and the importance of this of the parameter is 1.

Other parameters and functions for working with sessions is used relatively infrequently, so I will not give them a description in this article. But if you did have the desire, you can always refer to them here:ession.php "target =" _blank ">

Example use of sessions

Now I have to show the simplest example of how data is stored and transmitted through the mechanism of sessions.


<form action=page1.php method="GET">
Enter your name <input type=text name=login>
<input type=submit>
</ form>

rong> page1.php

<? php / / attention! Before <? php should not be spaces or blank lines
> session_start ();
/ / Add support for sessions and generate a random
/ / Session ID

$ _SESSION [ 'Login'] = "root";
/ / Register variable as a variable $ login session.

= "# 007700"> print "on the previous page you enter the name <b> $ _GET [ 'login'] </ b>. Your name is already stored in your session. <br />
Click on the link
to the next page <p>

<a href="page2.php"> Link to the next page </ a> ";
/ / Make a link to jump to the next page anitsu
/ / In the link using the mechanism AutoCorrect
/ / Will populate with an identifier of the session


rce ">
<? php / / attention! Before <? php should not be spaces or blank lines
session_start ();
> / / Re-add support sessions

print "Your name, transmitted through the mechanism of sessions: <b> $ _SESSION [ 'login'] </b> ";
/ / Display the contents of the variable $ login
/ / Stored in the file session

At the same time, I Zakanchivayu his article, and wish you every success in further study of PHP!

Safety Fundamentals
Safety Fundamentals
Safety Fundamentals