How do PHP sessions work? (not “how are they used?”)

by

In the general situation :

  • the session id is sent to the user when his session is created.
  • it is stored in a cookie (called, by default, PHPSESSID)
  • that cookie is sent by the browser to the server with each request
  • the server (PHP) uses that cookie, containing the session_id, to know which file corresponds to that user.

The data in the sessions files is the content of $_SESSION, serialized (ie, represented as a string — with a function such as serialize) ; and is un-serialized when the file is loaded by PHP, to populate the $_SESSION array.

Sometimes, the session id is not stored in a cookie, but sent in URLs, too — but that’s quite rare, nowadays.

For more informations, you can take a look at the Session Handling section of the manual, that gives some useful informations.

For instance, there is a page about Passing the Session ID, which explains how the session id is passed from page to page, using a cookie, or in URLs — and which configuration options affect this.

More Related Contents:

  1. Parse error: syntax error, unexpected T_STRING in C:\wamp\www\b_php\project\login_save.php on line 14 [closed]
  2. Allow php sessions to carry over to subdomains
  3. Check if PHP session has already started
  4. How to use store and use session variables across pages?
  5. Understanding the “post/redirect/get” pattern
  6. Using sessions & session variables in a PHP Login Script
  7. Where to put password_verify in login script?
  8. PHP session without cookies
  9. PHP Session timeout
  10. PHP Session data not being saved
  11. Why is PHP session_destroy() not working?
  12. How long will my session last?
  13. PHP Session Hijacking
  14. PHP session side-effect warning with global variables as a source of data
  15. How to prevent PHP sessions being shared between different apache vhosts?
  16. How to set lifetime of session
  17. PHP sessions default timeout [duplicate]
  18. Storing objects in PHP session
  19. PHP & Sessions: Is there any way to disable PHP session locking?
  20. How to manage a single PHP5 session on multiple apache servers?
  21. How to set session timeout in Laravel?
  22. Undefined variable: $_SESSION
  23. Cookies vs. sessions in PHP
  24. How to properly handle session and access token with Facebook PHP SDK 3.0?
  25. PHP Session ID changing on every request
  26. How to keep a PHP session active even if the browser is closed?
  27. Same domain, different folder PHP session
  28. Reopening a session in PHP
  29. Extending session timeout in PHP via the .htaccess
  30. saving checkbox state on reload

Leave a Comment