What is Session Handling
Hyper Text Transfer Protocol (HTTP) is the method on which information is transferred from a server to a
client on the world wide web. This protocol is static in nature, that is every request is a new request and no
persistence (or memory of a previous transfer) remains within the protocol itself. This has its advantages in
the form of safety, the requests by either the client or the server has no long term affects on the other. This
provides a level of security that could be related to a friendly acquaintance with each other and no long
term affects are felt by the interaction. However, for the application developer (and dare it be said, also for
the end user), there are times when a more intimate relationship is needed to add value to the experience.
This is where session handling comes in. Basically, when a user interacts with a web page, the application
attempts to get to know the person and retain a memory of their visit.
Maintaining State
In PHP, this method of retaining a memory of a specific user is known as maintaining a state. This is
accomplished through a series of session management activities that are used to help web applications
maintain their state across several HTTP requests when needed. These session management activities
within PHP sessions are simplistic, yet powerful enough to meet the needs of developers worldwide. PHP
hides all the complexities inherent to where and how to store session data by providing developers with
transparent tools for the managing of information that must persist or remain over a period of time and/or
interactions.
Telling PHP to Remember a Visitor
Before a user (or more importantly the activities of a user) can be remembered, PHP must be told to
remember the person. It is similar to walking on a busy street in a major metropolitan city; a person may
walk past thousands of individuals in the course of getting to and fro; however, the chances of that person
remembering every face they have passed is nearly impossible to consider. It is like that in session
handling. It is not necessary to remember every visitor (or more importantly their activities) that
encounters an application (even though it is theoretically possible, but not feasible). It may be easy to
count that they visited the site, but to get up close and personal with every visitor is not truly the goal of
session handling. Being picky and choosy on who is remembered and who is not, is not only important for
the application, but also could be a sanity check for developers who feel that every little piece of
knowledge about every visitor needs to be stored.
The Process of Remembering a Visitor
There are many tricks for the mind to help in remembering a person; these tricks may or may not work.
However, for PHP this process, when implemented correctly, is a sure winner in remembering the visitor
when necessary. Here is the overview of how this rememberance is possible:
• Session ID - A cryptographic session identifier is created that is saved on the clients machine in a
cookie. There is another process that is completed through the propagation by the URL as part of the
query string (also known as URL propagation) that is limited in scope and will not be expanded upon
in this training.
• Data Stored - Session data is stored on the server in text files (the default directory for storing
session data is /tmp), but this behavior can be easily changed to save session data in shared memory
or even database tables (MySQL of course).
• Two Become One - The corresponding session ID is associated with saved session data, in this way
providing a method for tying a particular user to this data.
Hyper Text Transfer Protocol (HTTP) is the method on which information is transferred from a server to a
client on the world wide web. This protocol is static in nature, that is every request is a new request and no
persistence (or memory of a previous transfer) remains within the protocol itself. This has its advantages in
the form of safety, the requests by either the client or the server has no long term affects on the other. This
provides a level of security that could be related to a friendly acquaintance with each other and no long
term affects are felt by the interaction. However, for the application developer (and dare it be said, also for
the end user), there are times when a more intimate relationship is needed to add value to the experience.
This is where session handling comes in. Basically, when a user interacts with a web page, the application
attempts to get to know the person and retain a memory of their visit.
Maintaining State
In PHP, this method of retaining a memory of a specific user is known as maintaining a state. This is
accomplished through a series of session management activities that are used to help web applications
maintain their state across several HTTP requests when needed. These session management activities
within PHP sessions are simplistic, yet powerful enough to meet the needs of developers worldwide. PHP
hides all the complexities inherent to where and how to store session data by providing developers with
transparent tools for the managing of information that must persist or remain over a period of time and/or
interactions.
Telling PHP to Remember a Visitor
Before a user (or more importantly the activities of a user) can be remembered, PHP must be told to
remember the person. It is similar to walking on a busy street in a major metropolitan city; a person may
walk past thousands of individuals in the course of getting to and fro; however, the chances of that person
remembering every face they have passed is nearly impossible to consider. It is like that in session
handling. It is not necessary to remember every visitor (or more importantly their activities) that
encounters an application (even though it is theoretically possible, but not feasible). It may be easy to
count that they visited the site, but to get up close and personal with every visitor is not truly the goal of
session handling. Being picky and choosy on who is remembered and who is not, is not only important for
the application, but also could be a sanity check for developers who feel that every little piece of
knowledge about every visitor needs to be stored.
The Process of Remembering a Visitor
There are many tricks for the mind to help in remembering a person; these tricks may or may not work.
However, for PHP this process, when implemented correctly, is a sure winner in remembering the visitor
when necessary. Here is the overview of how this rememberance is possible:
• Session ID - A cryptographic session identifier is created that is saved on the clients machine in a
cookie. There is another process that is completed through the propagation by the URL as part of the
query string (also known as URL propagation) that is limited in scope and will not be expanded upon
in this training.
• Data Stored - Session data is stored on the server in text files (the default directory for storing
session data is /tmp), but this behavior can be easily changed to save session data in shared memory
or even database tables (MySQL of course).
• Two Become One - The corresponding session ID is associated with saved session data, in this way
providing a method for tying a particular user to this data.
Comments
Post a Comment