PHP Sessions
Sometimes we need to create a website that need sessions to know if a user is logged or not, or other data we need between pages.
session_start()
We can start a session anytime with session_start() or resume the existing one.
<?php
session_start();
Recuerde que las sesiones se utilizan para guardar datos de la sesión mientras esta está abierta.
$_SESSION
An associative array containing session variables available to the current script
php.net
In the following case I can say that I’m assigning ELPEPE value to session name variable
<?php
session_start();
$_SESSION['name']="ELPEPE";
¿When to use session variables?
An example could it be when a user login in our page.
You could save data from the user on $_SESSION, these data could it be the name, a token or something that distinguish the user, so we could know where the user has access.
I not recommend to store personal user data on sessions like password or something like that. Could store email if its necessary but not make it public on your page.
session_destroy()
Destroy all info associated with the actual session but not destroy variables associated with the session, also do not destroy the session cookie.
If we call session_start() again after a session_destroy() we can access $_SESSION[‘name’] value becouse we do not unset it.
To eliminate this data we can use unset()
<?php
session_start();
unset($_SESSION['name']);
session_destroy();
In this way we can eliminate $_SESSION[‘name’] variable
IMPORTANT: Never use unset on $_SESSION.
Session functions
1- session_name (since PHP 4)— obtain or establish the actual session name
2- session_id (since PHP 4)— obtain or establish the actual session id
3- session_cache_expire (since PHP 4.2)
4- session_abort(since PHP 5.6.0 and PHP 7) discard all changes in session array and end the session
5- session_gc (since PHP 7.1)— session garbage collection
Deprecated Functions
$HTTP_SESSION_VARS Contain all variables in session, instead use $_SESSION
session_is_registered – we can check a session with isset() so this function has no sense
session_register – Register one or more global variables with the current session actually we use $_SESSION[‘var_name’]
session_unregister -actually we use unset()