This article is designed for all of you who want to learn the basics of sessions. The session capabilities are very powerful and easy to use. Sessions allows you to keep user habits, they can tell you what user have just done on your site and, perhaps even personalize your content for him

.

Yes what you gussed is right, when we create a session, the identity number is generated and ties it to the user. As I proceed we'll be looking at how to open sessions, delete sessions, tracking session sepecifc data.


What is a session?
A session is a mechanism to maintain a users state across some period of time. The word session can be refered to the time that a user is at a web site for a specific period of time.

If you are looking beyond the standard session functionality checkout the PHPLIB - it offers advanced session management functions.


Starting a session

A PHP 4 session is started by calling session_start(). This is usually called at the top of the script, before any outputs (or you'd be getting some weird errors) and to allow the session variables be available to the script. There's also another way to start a session: using session_register(). This function internally calls the session_start() if one isn't started, so use it, lazy people.

When the session_start() is called PHP checks if a session ID exists, if there's none PHP creates it. Session ID usually looks like a bunch of lowercase letters mixed with digits that together make 32 characters.

Now, after starting a session its time to register some session variables through the session_register() function. This allows to register variables session data, and can be accessed throughout the session.

Here's an example which starts a session and registers variables for use with the session:

<?php
    session_start();
    $my_name = "session handling is cool";
    session_register($my_name);

    // we can add session vars to $HTTP_SESSION_VARS this way:
    $HTTP_SESSION_VARS["jim"] = "Hes an alien";

    // you can give a name for a session:
    session_name("first_session");

?>

Passing session data

After registering session variables, accessing those data is pretty stright. Just print the variable name where you want the output, like this:

<?php
    print $my_name 
    // will output session handling is cool,
    // but remember to call session_start() on each page.

?>

There are functions to access session id like session_id() or PHPSESSID or SID which outputs the unique id created.


Deleting session data

First unregister the registered variables:

<?php
    session_unregister($my_name);

?>

The better way is to loop though all the registered variables and unregister them like this

<?php
    global $HTTP_SESSION_VARS;
    foreach ($HTTP_SESSION_VARS as $key => $value) {
        session_unregister($key);
    }

    session_destroy() # force a session to end 

?>

The session values are lost when the user closes his/her browser because the default cookie lifetime is 0. We can change this default setting using gc_maxlifetime directive to determine how long after the session data should be destroyed.



Storing session data

Session data can be stored into database and can be retrieved by using call-back functions that we define with session_set_save_handler() function.

The following is the syntax of the function:

    session_set_save_handler(string open, string close, string read, string write, string destroy, string gc)

Heres how we use the call-back functions with the session_set_save_handler():

<?php

    function open ($save_path, $session_name) {
        global $sess_save_path, $sess_session_name;

        $sess_save_path = $save_path;
        $sess_session_name = $session_name;
        return(true);
    }

    function close() {
        return(true);
    }

    function read ($id) {
        // code to read data     
    }

    function write ($id, $sess_data) {
        // write data
    }

    function destroy ($id) {
        // destroy data
    }


    function gc ($maxlifetime) {
        // Garbage collect
    }

    session_set_save_handler ("open", "close", "read", "write", "destroy", "gc");
    // we can leave arguments, by passing an empty string ("")
    // to the session_set_save_handler()
    // session_set_save_handler ("open", "", "read", "write", "destroy", "gc");
    session_start();


?>

I guess the basics of sessions end here, rest is up to your inventions. My life became so much easier since I started using sessions with my applications that I wanted to share some with you. What are you waiting for, explore!