Recipe 8.6 Using Session Tracking
8.6.1 Problem
You want to maintain information
about a user as she moves through your site.
8.6.2 Solution
Use the
session
module. The session_start( ) function initializes
a session, and accessing an element in the global
$_SESSION
array tells PHP to keep track of the corresponding variable.
session_start();
$_SESSION['visits']++;
print 'You have visited here '.$_SESSION['visits'].' times.';
8.6.3 Discussion
To start a session automatically on each request, set
session.auto_start to 1 in
php.ini. With
session.auto_start, there's no
need to call session_start( ).
The session functions keep track of users by issuing them
cookies with a randomly generated
session IDs. If
PHP detects that a user doesn't accept the session
ID cookie, it automatically adds the session ID to URLs and
forms. For example, consider this code that prints a URL:
print '<a href="train.php">Take the A Train</a>';
If sessions are enabled, but a user doesn't accept
cookies, what's sent to the browser is something
like:
<a href="train.php?PHPSESSID=2eb89f3344520d11969a79aea6bd2fdd">Take the A Train</a>
In this example, the session name is PHPSESSID and
the session ID is
2eb89f3344520d11969a79aea6bd2fdd. PHP adds those
to the URL so they are passed along to the next page. Forms are
modified to include a hidden element that passes the session ID.
Redirects with the Location header
aren't automatically modified, so you have to add a
session ID to them yourself using the SID
constant:
$redirect_url = 'http://www.example.com/airplane.php';
if (defined('SID') && (! isset($_COOKIE[session_name()]))) {
$redirect_url .= '?' . SID;
}
header("Location: $redirect_url");
The session_name(
)
function returns the name of the cookie
that the session ID is stored in, so this code appends the
SID constant only to
$redirect_url if the constant is defined, and the
session cookie isn't set.
By default, PHP stores session data in files in the
/tmp directory on your server. Each
session is stored in its own file. To change the directory in which
the files are saved, set the session.save_path
configuration directive in php.ini to the new
directory. You can also call session_save_path(
) with the new directory to change directories,
but you need to do this before accessing any session variables.
8.6.4 See Also
Documentation on session_start( ) at
http://www.php.net/session-start,
session_save_path( ) at
http://www.php.net/session-save-path; the
session module has a number of configuration directives that help you
do things like manage how long sessions can last and how they are
cached; these are detailed in the
"Sessions" section of the online
manual at http://www.php.net/session.
|
