Do sessions use cookies?

It is possible to use PHP sessions without a cookie by adding the session ID to url’s, however by default it is done by a single cookie being stored with a unique session ID. The server stores the actual session values, the users browser stores their unique ID for the server to request each time.

PHP sessions uses a cookie called PHPSESSID and is typically stored in the /tmp/ directory on the web server itself. The way the server knows to associate a given session with a given request is that it’s also stored in an HTTP cookie

Using sessions within PHP code

In a standard PHP application, a session would be started using the session_start function at the very top of the PHP scripting

if ( !isset($_SESSION))
	session_start();

Session Timeout

Sessions timeout by default after 24 minutes. You can cahnge this via php.ini, but it is done this way to protect against hackers tryign to hijack old sessions so consider if you should.

Using $_SESSION

  $_SESSION['my_session_name'] = "YES";
          
  if (isset($_SESSION['my_session_name']) && ($_SESSION['my_session_name'] == 'YES'))
    $Something = 1;
          
  unset($_SESSION['my_session_name']);
USEFUL?
We benefit hugely from resources on the web so we decided we should try and give back some of our knowledge and resources to the community by opening up many of our company’s internal notes and libraries through mini sites like this. We hope you find the site helpful.
Please feel free to comment if you can add help to this page or point out issues and solutions you have found, but please note that we do not provide support on this site. If you need help with a problem please use one of the many online forums.

Comments

Your email address will not be published.