Retaining Data With PHP Sessions

PHP has a built-in sessions feature that makes it the easiest to retain data from one page to the next. As I said before, the server doesn’t know who you are from one page request to the next…unless you remind it every time. That’s what PHP Sessions does. When you start a session, PHP sends the session id to the client’s browser in the form of a cookie. Then the browser sends this cookie back to the server on every page request. In order to start or maintain a session, we only need this statement:

<?php
session_start();
?>

All you have to do is put that one line of code at the top of your pages to hold a session on your website. This single line of code will start a new session or maintain the current one, depending if the site visitor has an active session or not. If you don’t put this line of code at the very top, you may see this warning:

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/user/php/test.php:3) in /home/user/php/test.php on line 4

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/user/php/test.php:3) in /home/user/php/test.php on line 4

If you get any of these warnings, make sure that you aren’t sending any output before you run the session_start() statement.

Now that your session is active, storing and manging the data is just as easy. All the data is stored in a single global array: $_SESSION. Everything that is stored in there will be retained as long as the session is active.

When you are ready to destroy a session, like when a user logs out, simply run session_destroy(). There are many other items to know about sessions, like what to do if the visitor’s browser doesn’t accept cookies. All that and more can be answered by visiting this page in the PHP manual.

Sending Data in the URL

Sending data in the URL is probably the easiest way to send data from one page to the other. Take this example URL: http://www.example.com?variable=value&second=something. The bolded text is the “query string”. The question mark separates the query string from the URL, and each variable/value pair is separated by an ampersand (&). These variables become part of the $_GET array, so in our example URL, $_GET[‘variable’] equals ‘value’, and $_GET[‘second’] equals ‘something’.

More information on $_GET can be found here.

Sending Data via a Form

This method is for sending data that can’t be sent directly in the URL. This could be because it’s sensitive data, or maybe because you want your URLs to be clean. You need to build an HTML form first to send the data.

<form method="post" action="/path/to/script.php">
<input type="hidden" name="foo" value="bar" />
<input type="text" name="test_field" value="" />
<input type="submit" />
</form>

Similar to the $_GET array, all data will go into a $_POST array. So if our example was submitted, $_POST[‘foo’] would equal ‘bar’, and $_POST[‘test_field’] would equal whatever was typed in the text field.

More information on $_POST can be found here.

Have something to say or a question to ask? Post a comment. Please also use the contact form if there is an article you would like to see.