Skip to main content

Session Handling Tasks

As stated earlier, the process of PHP maintaining information from one session to the next for a visitor is
pretty straight forward without lacking in capability. This maintaining of information (getting to know the
end user) is accomplished through session handling tasks.

Starting a Session

It is necessary to tell PHP when to open up its eyes and prepare for the possibility of having to get to know
an end user. This process is accomplished through the function session_start(). This function initializes the
session data or continues the current session that is being passed by a request, such as a GET, POST or a
cookie.

<?php
session_start();
?>

Setting up the Session "Key"

After starting the session process, it is important to identify the "key" by which the user will be
remembered. This key is stored on the end users machine and is called when interacting with the end user
machine with the same function; session_id().

<?php
session_start();
// Calling the session ID of the current visitor
echo 'Old session ID :'.session_id();
// Giving the visitor a new session ID
session_id(md5(rand(1,5000)));
echo 'New session ID: '.session_id();
?>

Replacing the Session "Key"

In the example above, the old session ID is removed and a new session ID is made using the rand function.
This works fine; however, there is a simpler approach to the idea of replacing (or regenerating) a new
session ID. This is accomplished with the session_regenerate_id() function that will replace the current
session id with a new one, while keeping the current session information.

<?php
session_start();
// Calling the session ID of the current visitor
echo 'Old session ID :'.session_id();
// Giving the visitor a new session ID
session_regenerate_id();
echo 'New session ID: '.session_id();
?>

Remembering the Session

When working with sessions, it is important to understand that keeping track of the session is utmost for
this recall to take place. If a session ID is lost, then the information that is associated with it is useless
because the key is lost. Without the key, the session information is wasted space. The way PHP prevents
this important "key" from getting lost, is by giving the developers a tool that is easy to pass on. This tool is
the global constant SID and one way it can be applied is in the following manner:

<?php
session_start();
?>
<a href="nextscript.php?<?php echo SID?>">Click here</a>

Comments

Popular posts from this blog

PHP INTRODUCTION

                     PHP  (recursive acronym for  PHP: Hypertext Preprocessor ) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. PHP stands for  P HP:  H ypertext  P reprocessor PHP is a server-side scripting language, like ASP PHP scripts are executed on the server PHP supports many databases (MySQL, Informix, Oracle, Sybase, Solid, PostgreSQL, Generic ODBC, etc.) PHP is an open source software PHP is free to download and use Why PHP? PHP runs on different platforms (Windows, Linux, Unix, etc.) PHP is compatible with almost all servers used today (Apache, IIS, etc.) PHP is FREE to download from the official PHP resource:  www.php.net PHP is easy to learn and runs efficiently on the server side What can PHP do? Anything. PHP is mainly focused on server-side scripting, so you can...

Data Encryption

Data encryption is the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient. The intended recipient can then decode (or decrypt) the information. PHP offers multiple means to make this happen. However, none of these solutions are very effective without the applications running on secure servers and connections. The following are a list of the more common encryption functions in PHP: • md5() - MD5 is a third-party hash algorithm that PHP can use to create a digital fingerprint of a piece of data. It is next to impossible to (efficiently) recover the original text when a piece of data has been encrypted with the md5 hash algorithm. It is also vastly unlikely that any different text string will create an identical hash - a 'hash collision'. These properties make hashes ideally suited for storing an application's passwords because although an attacker may compromise a part of the system...

Delimiting PHP Code

                           PHP was originally designed to be used in conjunction with a web server, and in the case of the LAMP architecture, the Apache Web Server.  PHP applications are designed embedding PHP scripts within a web page along with its HTML.  Unlike standard HTML pages which are sent directly from the web server to the end user, PHP files are first interpreted by the PHP application which then converts the PHP script into another form for display.  This process eliminates the end user from being able to see the original PHP script that was embedded in the HTML and provides  true interaction in HTML files.  This process is similar to proprietary applications such as ASP and Coldfusion; however, PHP is Open Source and cross- platform. PHP Tags             PHP scripts are distinguished from the HTML scripts by using delimiting characters ...