Thu, 04/09/2008 - 21:03 — horuskol

By default, PHP stores session data in files, although it can make us of databases and there are a number of functions that can be used to enhance session handling in scripts. For beginners, though, the default handling is usually enough.

In PHP, there is one initial requirement for using sessions. Every page must call the session_start() function before any information is sent to the client from the server, and before you can actually access the session data.

After that is done, the session data is accessed with the $_SESSION superglobal array.

Typically, I make sure that one of the first things that happen in my PHP scripts is the inclusion of a common file which does all of the things that must happen before the page can be created.

So, in the file "index.php", for example, I would have something like:

<?php
 
// index.php
 
require_once('/includes/common.php');
 
// page code goes below here
 
 
?>

And then in my common file, I would have:

<?php
 
// includes/common.php
 
session_start();
 
// other necessary things for startup here...
 
 
?>

There are actually a lot of settings in the PHP configuration itself which affect session behaviour - but the out-of-the-box settings are typically enough for most uses. There will be a more detailed article on PHP configuration at a later date.