PHP Session

There is a relationship between Sessions and Cookies -- they serve somewhat the same purpose, and are, to a certain extent, usable interchangeably.  Sessions, which were integrated into PHP in version 4 of the language, are a means to store and track data for a user while they travel through a series of pages, or page iterations, on your site.

How Sessions Work

Sessions in PHP are started by using the session_start( ) function.  Like the setcookie( ) function, the session_start( ) function must come before any HTML, including blank lines, on the page.  It will look like this:

<?php
session_start( );
?>
<html>
<head> ....... etc

starting a php session

Before you can begin storing user information in your PHP session, you must first start the session. When you start a session, it must be at the very beginning of your code, before any HTML or text is sent.

Below is a simple script that you should place at the beginning of your PHP code to start up a PHP session.

PHP Code:
<?php
session_start(); // start up your PHP session! 
?>

storing a session variable

When you want to store user data in a session use the $_SESSION associative array. This is where you both store and retrieve session data. In previous versions of PHP there were other ways to perform this store operation, but it has been updated and this is the correct way to do it.

PHP Code:
<?php
session_start(); 
$_SESSION['views'] = 1; // store session data
echo "Pageviews = ". $_SESSION['views']; //retrieve data
?>
Display:
Pageviews = 1

cleaning and destroying your session

Although a session's data is temporary and does not require that you explicitly clean after yourself, you may wish to delete some data for your various tasks.

Imagine that you were running an online business and a user used your website to buy your goods. The user has just completed a transaction on your website and you now want to remove everything from their shopping cart.

PHP Code:
<?php
session_start();  
if(isset($_SESSION['cart']))
    unset($_SESSION['cart']); 
?>
You can also completely destroy the session entirely by calling the session_destroy function.

PHP Code:
<?php
session_start(); 
session_destroy();

?>

PHP Login Example:

Index.php:

<?php

$host="localhost"; // Host name
$username="root"; // username
$password="root"; // password
$db_name="TA"; // Database name
$tbl_name="user"; // Table name

mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");



$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
  // Register $myusername, $mypassword and redirect to file "login_success.php"
  session_start();
  $_SESSION['username'] = $myusername;
  $_SESSION['password'] = $mypassword; 
  header("location: login_success.php");
} 
    else {
        echo "Wrong Username or Password";
}


?>

And codes for login_success.php :

<?php 
session_start(); 

if(!$_SESSION['username']){ 
    header("Location: index.html"); 
    exit; 
} 
echo 'Welcome, '.$_SESSION['username']; 
header("Location: student-page.html");
?>