 |
|
ss
Oracle Tips by Burleson |
Sessions
What are sessions and why are they used? As stated
earlier, PHP is an interpreted scripting language and the interpreter
is embedded into the web server processes. Below are processes that an
Apache server spawns when the machine is started:
Each of those processes is able to interpret PHP
scripts and it is unknown which among those processes will serve the
next request. This means that all variables defined during the
execution of a PHP script are “forgotten” as soon as another httpd
process serves the next page. This applies to both global and static variables. Sessions answer the questions regarding how to make global
variables really global.
HTTP (HyperText Transfer Protocol) is a stateless
protocol, and no persistent connections are made to the web server.
For easier programming and variable sharing, cookies and sessions are
introduced.
Sessions and cookies are not specific to PHP. They
are HTTP entities supported by all browsers and web servers. Cookies
are entities carried in the headers of HTML pages and stored locally
on the machines that use the browser to view pages served by a web
server. Cookies contain content, expiration date and the name of the
web server which requested the cookie be set.
Below is a picture of the top portion of a cookie
file for Mozilla browser on a Linux PC.
When a browser accesses a web server that has
previously set a cookie on it, the browser sends to the server all
valid cookies set by that server. This is an over simplification but
it is sufficient for the purpose of this discussion. The full
specification of the cookie mechanism can be found at:
http://www.netscape.com/newsref/std/cookie_spec.html
Cookies are used to create sessions. HTTP is a
stateless protocol. Stateless protocols do not allow permanent
sessions. So what exactly are these sessions?
Sessions are objects that are maintained as
persistent, (most frequently as files, but there are extensions that
can put them in shared memory or a database) and which contain
information that should be made persistent between requests.
Sending that information over the network as a
cookie for each request would be excruciatingly slow, so the variables
needed for the script to work are kept in the session. How are
sessions created?
Sessions are created and started by using the
session_start()function. The
session_start() function starts the session if it has already
been started and reads the session data if it has been started. Before
going to more complicated examples, consider the example 7 from
Chapter 1, now slightly reworked:
$ cat example7b.php
#!/usr/local/bin/php
<?php
session_start();
$N=array(1,2,3,4,5,"next",6,7,8,9,"stop",10);
foreach ($N as $n) {
if ($n=="next") { continue; }
if ($n=="stop") { break; }
print "$n ";
}
print "\n";
$_SESSION['array_from_example7`']=$N;
$sess=session_id();
print "my session id is:$sess\n";
print "my session data is stored in /tmp/sess_$sess\n";
?>
$
Functions session_start() and session_id()
are being used, as well as the “superglobal” array $_SESSION. What
happens when this script is executed?
$ ./example7b.php
1 2 3 4 5 6 7 8 9
my session id is:qdrsb53dpg5ju8t1i9e6a8sk82
my session data is stored in
/tmp/sess_qdrsb53dpg5ju8t1i9e6a8sk82
Nothing special has happened. The loop is still
executing as before, but there is new entity called “session”. Does
the file shown by the script exist and what is in that file?
$ ls -l /tmp/sess_qdrsb53dpg5ju8t1i9e6a8sk82
-rw------- 1 mgogala users 141 Oct
31 00:29 /tmp/sess_qdrsb53dpg5ju8t1i9e6a8sk82
$ cat /tmp/sess_qdrsb53dpg5ju8t1i9e6a8sk82
array_from_example7`|a:12:{i:0;i:1;i:1;i:2;i:2;i:3;i:3;i:4;i:4;i:5;i:5;s:4:"next";i:6;i:6;i:7;i:7;i:8;i:8;i:9;i:9;i:10;s:4:"stop";i:11;i:10;}$
The file obviously exists and contains the array
$N from the example, with the name “array_from_example7” as the key to
the $_SESSION array. Any other script with the same session ID would
have access to the same session file and would be able to read the
variable from the $SESSION array as $_SESSION['array_from_example7'].
How does a web server know the session_id
of the session invoking the script? The session_start()
function sets a cookie in the browser if a browser is used. The
cookie name is PHPSESSID and it can be easily found in the browser’s
cookie file when present.
But how are things put into session? Here the
story gets a bit complicated. The best thing to use is $_SESSION
built in global array. $_SESSION is accessible by a key which can be
chosen as needed, but then must be used consistently across all the
scripts interested in that particular session.
There is also a session_register() function Here is what the online manual returns for the
session_register function:
See
code depot for complete scripts
The above book excerpt is from:
Easy Oracle
PHP
Create Dynamic Web Pages with Oracle Data
ISBN
0-9761573-0-6
Mladen Gogala
http://www.rampant-books.com/book_2005_2_php_oracle.htm
|
