Is my understanding of PHP sessions correct?

by

My understanding is of the internal session handling process is the following:

When session_start is called, PHP is looking for a parameter from the client that was sent via POST, GET, or in a cookie (depending on the configuration; see session.use_cookies, session.use_only_cookies, and session.use_trans_sid) with the name of the value of session.name to use the session ID of an already started session.

If it finds a valid session ID, it tries to retrieve the session data from the storage (see session.save_handler) to load the data into $_SESSION. If it can’t find an ID or its usage is forbidden, PHP generates a new ID using a hash function (see session.hash_function) on data of a source that generates random data (see session.entropy_file).

At the end of the runtime or when session_write_close is called, the session data in $_SESSION is stored away into the designated storage.

More Related Contents:

  1. Session variables not working php
  2. “Keep Me Logged In” – the best approach
  3. How to fix the session_register() deprecated issue?
  4. PHP: Storing ‘objects’ inside the $_SESSION
  5. Preventing session hijacking
  6. How can I fix the Permission error when I call session_start()?
  7. What is the default lifetime of a session?
  8. PHP sessions timing out too quickly
  9. proper way to logout from a session in PHP
  10. Maximum size of a PHP session
  11. Looping Through All a Server’s Sessions in PHP
  12. Can’t pass mysqli connection in session in php
  13. Multiple PHP Sessions
  14. Cross domain PHP Sessions
  15. Accessing session from TWIG template
  16. PHP Warning Permission denied (13) on session_start() [duplicate]
  17. Is this a proper way to destroy all session data in php?
  18. PHP __PHP_Incomplete_Class Object with my $_SESSION data
  19. How do I continue a session from one page to another with PHP
  20. Session hijacking and PHP
  21. CakePHP remember me with Auth
  22. Access active sessions in PHP
  23. Laravel 5 Session Lifetime
  24. session_start hangs
  25. PHP session IDs — how are they generated? [duplicate]
  26. PHP authentication with multiple domains and subdomains
  27. Reopening a session in PHP
  28. PHP Session Id changes between pages
  29. Extending session timeout in PHP via the .htaccess
  30. saving checkbox state on reload

Leave a Comment