I had this question in a quiz:
Once a session is started, all data related to the session is accessible through the $_SESSION superglobal.
A. True
B. False
My answer was false, because I thought only the data stored explicitly like this: $_SESSION["something"] = "something", is accessible.
But I the correct answer was true.
So, what else can I get from this superglobal? Or maybe it's just the wording issues, the actual question was asking everything in this session stored like this can be accessible?
$_SESSION superglobal may be to use only with session. When you pass data with session also, you can get data with it. Data types can be string, int,float,array etc.
For example:
<?php
// Start new or resume existing session.
session_start();
// Add values to the session.
$_SESSION['item_name'] = 'value'; // string
$_SESSION['item_name'] = 0; // int
$_SESSION['item_name'] = 0.0; // float
// Get session values.
$value = $_SESSION['item_name'];
Related
I am trying to fully understand sessions, and I conducted this test:
my code is:
test.php
<?
#session_start();
if(isset($_SESSION['test'])) {
echo "test success";
}
?>
When I enter my cookie manually into my browser using an addon as:
PHPSESSID test
It does not recognise it.
$_SESSION is a "superglobal" (available everywhere) array that is tied with a cookie using a unique session id.
If you're wanting to reference cookie values you've set you'll need to use the $_COOKIE superglobal array.
You can read more about superglobals here: http://php.net/manual/en/language.variables.superglobals.php
And how $_SESSION and $_COOKIE works here:
http://php.net/manual/en/reserved.variables.cookies.php
http://php.net/manual/en/reserved.variables.session.php
You cannot set values in the SESSION by using the browser like that. PHP is the only place you'll be able to set the 'test' key to a value, like true or false.
session_start();
// You could assign this based on the value of a cookie
$_SESSION['test'] = true;
if ($_SESSION['test']) {
// this is a test session
}
Hope that helps.
To see the result of your cookie change, do:
<?
#session_start();
if(session_id() == 'test') {
echo "test success";
}
The cookie contains the session ID, individual session variables are stored on the server, using this ID and the variable name as keys (the default configuration uses a file named after the session ID).
I have a PHP script that uses session_decode to get the session variables of customer's session (from session stored file).
The problem is that whenever I call the script and it reads the session variables, it also add them to my own session. Is there a way to avoid this or maybe use a better method to get the customer's session information without using session_decode?
Thanks
I think I have found the simplest solution/workaround:
<?php
// if session is not started
session_start();
// store our current session
$my_sess = $_SESSION;
// decode $data (the encoded session data, either from a file or database). Remember, decoded data is put directly into $_SESSION
session_decode($data);
$data = $_SESSION;
print_r($data);
// restore our own session
$_SESSION = $my_sess;
?>
Can some explain to me the best way to store a $_GET variable in a session and the only way the sessions changes is when we verify the data the session is being change to is different from the GET variable.
Currently i have
$tid = clean_get($_GET['tid']);
in a global file which is included on every page the problem with that is the value of $tid will be erased and not stored in a session like i want it to once the user is not on a page with $tid set in the url.
If you get $_GET['tid'] in url then set session again by that new value otherwise restore it from session. Thats it.
session_start();
$tid = (isset($_GET['tid']) && $_GET['tid']!="") ? clean_get($_GET['tid']) : $_SESSION['tid'];
Try this and tell me is it solved?
Use a function like isset() to see if it is being sent. Only then should you replace it:
if(isset($_GET['tid']))
{
$tid = clean_get($_GET['tid'])
// Do stuff to change session data.
}
I think what you are looking for is something like
session_start();
foreach ($_GET as $key=>$value) {
$_SESSION['getValues'][$key] = clean_get($value);
}
This will store all the values in $_GET in the $_SESSION. To retrieve the values later, you just have to use $_SESSION['getValues']['tid'] after calling session_start().
Here I'm assuming that clean_get() is just something that formats and/or escapes data that came in from forms, so calling it on each value before sticking into the session will do all that cleaning when needed.
Note: only call session_start() once, and make sure you do so before doing anything with $_SESSION, otherwise you'll get error messages.
Question related to PHP memory-handling from someone not yet very experienced in PHP:
If I set a PHP session variable of a particular name, and then set a session variable of the exact same name elsewhere (during the same session), is the original variable over-written, or does junk accumulate in the session?
In other words, should I be destroying a previous session variable before creating a new one of the same name?
Thank you.
$_SESSION works just like any other array, so if you use the same key each time, the value is overwritten.
Tom,
It depends on how you use the session variable, but it generally means "erasing" that variable (replacing the old value by the new value, to be exact).
A session variable can store a string, a number or even an object.
<?php
# file1.php
session_start();
$_SESSION['favcolor'] = 'green';
$_SESSION['favfood'] = array('sushi', 'sashimi');
?>
After this, the $_SESSION['favcolor'] variable and the $_SESSION['favfood'] variable is stored on the server side (as a file by default). If the same user visit another page, the page can get the data out from, or write to the same storage, thus giving the user an illusion that the server "remembers" him/her.
<?php
# file2.php
session_start();
echo $_SESSION['favcolor'], '<br />';
foreach ($_SESSION['favfood'] as $value) {
echo $value, '<br />';
}
?>
Of course, you may modify the $_SESSION variable in the way you want: you may unset() any variable, append the array in the example by $_SESSION['favfood'][] = 'hamburger'; and so on. It will all be stored to the session file (a file by default, but could be a database). But please beware that the $_SESSION variable acts magically only after a call to session_start(). That means in general, if you use sessions, you have to call session_start() at the beginning of every page of your site. Otherwise, $_SESSION is just a normal variable and no magic happens :-).
Please see the PHP reference here for more information.
cookie[person][name], cookie[person][id], cookie[person][age]
How to make the cookie like above?
Well, you could assign the value of the cookie to be a serialized array
$array = array("person1" => array("name" => "Ted"));
$value = serialize($array);
set_cookie("name", $value);
When you want to read it back, get the data from the cookie and unserialize it
$array = unserialize($_COOKIE['name']);
That probably wouldn't hide the data you are trying to store very well. The other situation is to use a Session variable instead
session_start();
Now you can assign anything you want, arrays, objects, anything to $_SESSION.
$_SESSION['person'] = array();
The session variable is very similar to an array, but the data is actually stored in a file, and the id of the user is stored in a cookie. PHP matches the ID on the cookie with the file, and when you hit session_start(), populates the superglobal with the files contents.
This means that objects you make will end up being serialized.
Either way, it is the same basic idea. You serialize a data structure, write it to a file (cookie or session file) and read it back later.