What Is a Session?

This section describes the session concept used by Web server side applications. A Web session represents a series of HTTP requests and responses exchanged between a browser and a Web server. Usually, a cookie is used to carry the ID of a Web session.

What Is a Session? A session is an abstract concept to represent a series of HTTP requests and responses exchanged between a specific Web browser and a specific Web server. The session concept is very useful for Web based applications to pass and share information from one Web page (request) to another Web page (request).

Since the current design of HTTP protocol does not support session concept, all Web server side scripting technologies, including PHP, have designed their own ways to support the session concept. The key design element of session support is about how to identify a session with an ID (identification) and how to maintain the session ID. One common way to maintain the session ID is use the cookie technology. The following diagram shows you how to do this:

           Server                Browser
ID created  | <-- Request #1  --- |
            | --- Response #1 --> | ID kept as cookie
            | <-- Request #2  --- | ID send back to server
            | --- Response #2 --> |
            | <-- Request #3  --- | ID send back to server
            | --- Response #3 --> |
            |     ......          |

The session concept should be managed by the server. When the first request comes from a browser on a client host, the server should create a new session, and assigns a new session ID. The session ID will be then sent back to the same browser as a cookie. The browser will remember this ID, and send the ID back to the server in subsequent requests. When the server receives a request containing the same session ID, it knows that this request is a continuation of an existing session.

When the server receives a request from a browser on a new client host (request without a session ID), the server should not only create a new session ID, it should also create a new session object associated with the new session ID. This session object should become the storage place for different requests of the same session to store and share information between requests containing the same session ID.

If there is no subsequent request coming back for a long time for a particular session ID, that session should be timed out. After the session has been timed out, if the browser comes back again with the same session ID, the server should give an invalid session error.

Last update: 2015.

Table of Contents

 About This Book

 Introduction and Installation of PHP 7.0

 PHP Script File Syntax

 PHP Data Types and Data Literals

 Variables, References, and Constants

 Expressions, Operations and Type Conversions

 Conditional Statements - "if" and "switch"

 Loop Statements - "while", "for", and "do ... while"

 Function Declaration, Arguments, and Return Values

 Arrays - Ordered Maps

 Configuring and Sending out Emails

 Retrieving Information from HTTP Requests

Creating and Managing Sessions in PHP Scripts

What Is a Session?

 How Sessions Are Support in PHP?

 SessionPage*.php - Session Test Script Pages

 Running Session Test Script Pages

 Managing Session IDs without Cookies

 Where Is Session Data Stored?

 Sending and Receiving Cookies in PHP Scripts

 Controlling HTTP Response Header Lines in PHP Scripts

 MySQL Server Connection and Access Functions

 Functions to Manage Directories, Files and Images

 SOAP Extension Function and Calling Web Services

 SOAP Server Functions and Examples

 Localization Overview of Web Applications

 Using Non-ASCII Characters in HTML Documents

 Using Non-ASCII Characters as PHP Script String Literals

 Receiving Non-ASCII Characters from Input Forms

 "mbstring" Extension and Non-ASCII Encoding Management

 Managing Non-ASCII Character Strings with MySQL Servers

 Introduction of Class and Object

 Integrating PHP with Apache Web Server

 Outdated Tutorials

 References

 PDF Printing Version