Understanding web sessions

- [Instructor] HTTP is a stateless protocol,…so there's no retention of any…information between webpages.…However there's often a need for managing information…across a web session consisting of multiple interactions.…Consequently, web developers will code their systems…to uniquely track a web user through the use…of unique sessions IDs issued by the server.…Each browser request sent to the web server…will then include session ID.…Session IDs will often be used as a way…to uniquely identify an authenticated user,…and potentially enable access to sensitive information.…

A typical way for a web developer to store session IDs…is to use the .php session array,…and then the session ID can be passed in one of two ways,…embedded in the URL or through the use of cookies.…We can also create our own variables…and store them in the session array as required.…I've created a webpage for Apache which uses sessions.…So let's have a look at how we'd get…a session ID and use the session array.…

We can see the private sessions start…