Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Working with sessions

From: PHP with MySQL Essential Training

Video: Working with sessions

Now that we understand how to work with cookies, we're ready to talk about how to work with Sessions. Early on I told that you that there are three main ways that we can get data from our users. They can either type a URL or click a link, and that'll be a get request. They can submit a form to us and that would be a post request. Or we can pull values out of their browser cookies that are sent with every request that they make. That's what we've been looking at how to do recently. Well, there's actually a fourth one that I didn't tell you about. We should mention here. Which is sessions, and sessions are related to cookies, so they kind of go together because they rely on cookies to do their work.

Working with sessions

Now that we understand how to work with cookies, we're ready to talk about how to work with Sessions. Early on I told that you that there are three main ways that we can get data from our users. They can either type a URL or click a link, and that'll be a get request. They can submit a form to us and that would be a post request. Or we can pull values out of their browser cookies that are sent with every request that they make. That's what we've been looking at how to do recently. Well, there's actually a fourth one that I didn't tell you about. We should mention here. Which is sessions, and sessions are related to cookies, so they kind of go together because they rely on cookies to do their work.

A session is a file that's stored on the web server. Not on the browser side, it's on the web server in the web server's file system. And you can store a lot more information in this file, than you can in a browser cookie. So when we want to save some information the process is, instead of sending it as a cookie to the user, we put it in the session file. And then we still send a cookie to the user, but what we send them is a reference to that session file. Then with every request they make to the web server after that, they send that reference and were able to look up that session file, and pull all the data out of it.

So the most important difference with sessions is the fact that they're stored server side, and not client side. They stay on the web server. All we send to the client is a reference to help us find that file the next time that they make a request. Using sessions has some benefits as well as some drawbacks. First, let's look at the pros. First, you get more storage with a session than with a cookie. A cookie is limited to 4000 characters maximum. Now, most times you're probably going to put something much, much smaller in there, but that is the limit. You can't put a whole lot in there.

Where as with the session, it's really limited only by the file storage size that you have on your web server. How big of a hard drive do you have? That's the limit. The other nice thing is that it makes for smaller request sizes. Let's say that we did have 4000 characters that we were storing in a cookie. Well, every single request that comes from that user is going to carry all 4000 characters back to us. If we just have a session, then it's going to be sending us just that session ID. That's it. All the heavy data is still sitting on the web server, it doesn't have to be sent in with each and every request.

Another nice benefit is the fact that it conceals our data values. Remember with cookies, we could just go into our data browser and see what those values were. But that won't be true with sessions. The only thing you can see is the reference to the session ID, and that ID is really not that meaningful. All the data is still stored on the server side, and that makes it more secure and less hackable. There are some drawbacks though. It's slower to access. If you think about it, when a cookie comes in, the data comes in with every request. Nice and simple. When a session comes in, we have to get that session value out of the cookie, then turn around and go to the file system, find the file, and then read the data back out of the file.

It takes a little bit longer. Now, I think you probably won't notice the difference, but I just want to mention it to you that it is a little bit slower to use sessions than it is to use cookies. Another big difference is the fact that sessions expire whenever the browser is closed, and that's by design. They're meant to be that way, they're meant to be a single session. You sit down at your computer, you go to a website, you visit it, you surf around and then when you're done you close you browser; your session is over. A cookie on the other hand, you can tell it to expire five months from now, and it will stick around.

Sessions are designed to expire. If the user closes their browser, then that cookie that has a reference to the session expires and goes away. And when they reopen their browser and start again, they won't have that cookie anymore to send with each and every request. Unfortunately though, the session file that you are storing all that data in, is still there, so that's an important con to keep an eye on. It's the fact that the session files can accumulate. As part of your server management, you're going to want to keep an eye on those files, and have a system in place to go through periodically and prune those back.

And to say okay, any session file that hasn't been modified in the last month, we are going to delete. And it just becomes part of your regular server maintenance. Now, PHP handles finding the session for us, we don't have to do that process. So, getting the cookie value, going and looking for the session, that happens automatically behind the scenes. And then it stores that session information in another super global, which is session. So remember, even though sessions use cookies, that's just the mechanism that makes them work. Their data's not stored with the other cookies, it's stored in the session.

So, we can have a difference. Cookies are going to be in cookie, the session variables are going to be inside session. We're going to access it in the same way. Let's try it. So, to start with, let's take basic.html, open it up, and I'll do Save As. And we'll call this sessions.php. And to start a session, it's really easy, we just say session start. This command has a little bit of magic behind it, because what it does is it tells PHP to grab the session cookie that's related to the session. Go and find the session file, open it up and get the data out and populate our super global with it.

Or, if there's isn't a file yet, then let's create the file and prepare to send a reference back to the user with a cookie so that in the future they can access it. So it does quite a bit behind the scenes for us. Now, you may have picked up on an important fact there though, which is that sessions use cookies, and cookies use headers. And what do we know about headers? A header has to come before any HTML output, unless output buffering is turned on. So the session start is usually the very first thing that you want to do.

That's a good practice anyway. Before we even do anything else, let's get our session rolling. Let's get all that housekeeping out of the way, and then we'll be ready to take care of business from there. So without doing anything else, let's just save our file and let's load that page up. Go into Firefox and set cookies, load up sessions. Here you can see that I'm on the sessions page because the title changed. And let's just go now into Firefox, into our Preferences and let's just take a look at our cookies. Let's do Show Cookies and here's local host and look at that, PHPSESSID. That's the default name for session cookies.

And in your PHPINNI file, you can configure that something else if you want. That's pretty standard, and it's fun. Now, notice what the content is though. It is a reference that is pretty meaningless. It's a long string that is going to allow PHP to locate the file, but at the same time it doesn't give away a lot of details about the way that our site works. For example, if we had a user ID and a stored number 45 in a cookie, well, now the person knows a little bit about it. They know that the record 45 in our database is that user. Now they don't know that, now they just have a reference to some mysterious file that lives on the web server.

Okay, now that we have our session established, we're ready to start working with values. And it's really just super simple, we just say PHP and then Session, and let's set one, first name equals Kevin. Notice that I didn't have to do any special set cookie kind of thing or anything like that. I can just refer to this variable, and PHP will take care of putting it in the Session file for me. I don't have to do anything special. And then let's try getting that back. Let's say the name is going to be equal to session first name, and then echo back name.

Let's try it. Let's reload the page, there it is. Notice that it was able to set it, and read it all in the same request recycle. That's different than what we had with cookies, and that's because we don't have to go back to the user's browser to either set a value or get a value. It's happening right here from the session file that we have open. So, it's writing the value directly into it, and then immediately reading that same value back. That's the nice thing about working with sessions. Now, there's a lot more that you can do with sessions. You can retrieve that session ID if you need it inside your code.

You can unset a single key value pair. Typically, you would just want to set it to null, that's the easiest way to make it go away. There's all sorts of other commands that you would use instead. You can clear all the stored values. All of those are available on the PHP website. I don't think we really need to go into them. For the most part, you just need to understand the way that sessions work, and then we can just put values into 'em and get values back. And as long as that user sends us the session ID, we'll be able to access these values for them. So, it's really all there is to working with sessions. They're very simple, but they're very powerful and very useful. I think when you start developing actual applications, you're going to use sessions five or even ten times as often as you're going to use cookies.

Show transcript

This video is part of

Image for PHP with MySQL Essential Training
PHP with MySQL Essential Training

131 video lessons · 33435 viewers

Kevin Skoglund
Author

 
Expand all | Collapse all
  1. 4m 8s
    1. Welcome
      1m 0s
    2. Using the exercise files
      3m 8s
  2. 15m 6s
    1. What is PHP?
      3m 52s
    2. The history of PHP
      2m 51s
    3. Why choose PHP?
      4m 10s
    4. Installation overview
      4m 13s
  3. 54m 53s
    1. Overview
      2m 33s
    2. Working with Apache Web Server
      6m 56s
    3. Changing the document root
      7m 24s
    4. Enabling PHP
      6m 16s
    5. Upgrading PHP
      3m 30s
    6. Configuring PHP
      10m 3s
    7. Installing MySQL
      5m 46s
    8. Configuring MySQL
      7m 24s
    9. Text editor
      5m 1s
  4. 31m 25s
    1. Overview
      3m 27s
    2. Installing WampServer
      5m 46s
    3. Finding the document root
      2m 24s
    4. Configuring PHP
      8m 12s
    5. Configuring MySQL
      5m 45s
    6. Text editor
      5m 51s
  5. 19m 12s
    1. Embedding PHP code on a page
      6m 43s
    2. Outputting dynamic text
      5m 55s
    3. The operational trail
      2m 27s
    4. Inserting code comments
      4m 7s
  6. 1h 18m
    1. Variables
      7m 50s
    2. Strings
      4m 38s
    3. String functions
      8m 54s
    4. Numbers part one: Integers
      6m 27s
    5. Numbers part two: Floating points
      5m 25s
    6. Arrays
      10m 0s
    7. Associative arrays
      6m 37s
    8. Array functions
      6m 33s
    9. Booleans
      3m 50s
    10. NULL and empty
      5m 15s
    11. Type juggling and casting
      8m 27s
    12. Constants
      4m 43s
  7. 27m 37s
    1. If statements
      6m 0s
    2. Else and elseif statements
      4m 16s
    3. Logical operators
      7m 30s
    4. Switch statements
      9m 51s
  8. 42m 15s
    1. While loops
      8m 41s
    2. For loops
      5m 59s
    3. Foreach loops
      8m 16s
    4. Continue
      8m 28s
    5. Break
      4m 8s
    6. Understanding array pointers
      6m 43s
  9. 37m 25s
    1. Defining functions
      8m 25s
    2. Function arguments
      5m 32s
    3. Returning values from a function
      7m 33s
    4. Multiple return values
      4m 53s
    5. Scope and global variables
      6m 2s
    6. Setting default argument values
      5m 0s
  10. 20m 18s
    1. Common problems
      3m 47s
    2. Warnings and errors
      8m 36s
    3. Debugging and troubleshooting
      7m 55s
  11. 57m 57s
    1. Links and URLs
      5m 33s
    2. Using GET values
      5m 35s
    3. Encoding GET values
      8m 41s
    4. Encoding for HTML
      9m 26s
    5. Including and requiring files
      7m 40s
    6. Modifying headers
      6m 45s
    7. Page redirection
      6m 43s
    8. Output buffering
      7m 34s
  12. 1h 3m
    1. Building forms
      7m 28s
    2. Detecting form submissions
      5m 59s
    3. Single-page form processing
      7m 57s
    4. Validating form values
      10m 40s
    5. Problems with validation logic
      9m 54s
    6. Displaying validation errors
      7m 23s
    7. Custom validation functions
      6m 28s
    8. Single-page form with validations
      7m 25s
  13. 28m 5s
    1. Working with cookies
      2m 49s
    2. Setting cookie values
      5m 55s
    3. Reading cookie values
      6m 1s
    4. Unsetting cookie values
      4m 51s
    5. Working with sessions
      8m 29s
  14. 48m 39s
    1. MySQL introduction
      6m 43s
    2. Creating a database
      7m 41s
    3. Creating a database table
      7m 42s
    4. CRUD in MySQL
      5m 48s
    5. Populating a MySQL database
      7m 32s
    6. Relational database tables
      6m 40s
    7. Populating the relational table
      6m 33s
  15. 56m 4s
    1. Database APIs in PHP
      4m 51s
    2. Connecting to MySQL with PHP
      7m 45s
    3. Retrieving data from MySQL
      8m 47s
    4. Working with retrieved data
      6m 12s
    5. Creating records with PHP
      6m 58s
    6. Updating and deleting records with PHP
      9m 6s
    7. SQL injection
      3m 5s
    8. Escaping strings for MySQL
      6m 45s
    9. Introducing prepared statements
      2m 35s
  16. 35m 58s
    1. Blueprinting the application
      7m 19s
    2. Building the CMS database
      5m 14s
    3. Establishing your work area
      4m 38s
    4. Creating and styling the first page
      4m 22s
    5. Making page assets reusable
      6m 36s
    6. Connecting the application to the database
      7m 49s
  17. 32m 49s
    1. Adding pages to the navigation subjects
      5m 58s
    2. Refactoring the navigation
      6m 7s
    3. Selecting pages from the navigation
      6m 2s
    4. Highlighting the current page
      5m 26s
    5. Moving the navigation to a function
      9m 16s
  18. 1h 45m
    1. Finding a subject in the database
      9m 48s
    2. Refactoring the page selection
      10m 52s
    3. Creating a new subject form
      6m 55s
    4. Processing form values and adding subjects
      11m 20s
    5. Passing data in the session
      9m 16s
    6. Validating form values
      9m 40s
    7. Creating an edit subject form
      8m 30s
    8. Using single-page submission
      7m 44s
    9. Deleting a subject
      9m 44s
    10. Cleaning up
      10m 37s
    11. Assignment: Pages CRUD
      4m 30s
    12. Assignment results: Pages CRUD
      6m 10s
  19. 39m 26s
    1. The public appearance
      8m 52s
    2. Using a context for conditional code
      11m 37s
    3. Adding a default subject behavior
      6m 9s
    4. The public content area
      5m 51s
    5. Protecting page visibility
      6m 57s
  20. 1h 3m
    1. User authentication overview
      4m 3s
    2. Admin CRUD
      8m 41s
    3. Encrypting passwords
      7m 26s
    4. Salting passwords
      5m 42s
    5. Adding password encryption to CMS
      11m 54s
    6. New PHP password functions
      3m 13s
    7. Creating a login system
      11m 28s
    8. Checking for authorization
      5m 48s
    9. Creating a logout page
      5m 40s
  21. 2m 4s
    1. Next steps
      2m 4s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ.

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed PHP with MySQL Essential Training.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferencesfrom the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Are you sure you want to delete this note?

No

Your file was successfully uploaded.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.