1 / 18

Sessions

Sessions. Reminder. HTTP is a Stateless Protocol. Stateless Protocol (XKCD). Stateless Protocol (Technical). The solution. Sessions. session_start (). Creates ssesion ID if none present in request Uses session ID, if present in the request Lets you use $_SESSION

portia
Download Presentation

Sessions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Sessions

  2. Reminder HTTP is a Stateless Protocol

  3. Stateless Protocol (XKCD)

  4. Stateless Protocol (Technical)

  5. The solution Sessions

  6. session_start() • Creates ssesion ID if none present in request • Uses session ID, if present in the request • Lets you use $_SESSION • http://www.php.net/manual/en/function.session-start.php

  7. How is my session associated with my request • Each request sends a session id in one of two ways • Cookie • GET parameter (you want to avoid parameters whenever possible)

  8. Where do session IDs come from? • http://git.php.net/?p=php-src.git;a=blob;f=ext/session/session.c;h=48b9d1157744f58977eb2ac4a9759aee0fc39324;hb=HEAD#l282 • http://git.php.net/?p=php-src.git;a=blob;f=ext/hash/hash_sha.c#l206 Advanced Technical Detail

  9. Session IDs are numbers • Hashes from random points in memory

  10. What can I store in a session Serializable Data

  11. What's this serialization thing all about: “It lets you take an object or group of objects, put them on a disk or send them through a wire or wireless transport mechanism, then later, perhaps on another computer, reverse the process: resurrect the original object(s). The basic mechanisms are to flatten object(s) into a one-dimensional stream of bits, and to turn that stream of bits back into the original object(s). Like the Transporter on Star Trek, it's all about taking something complicated and turning it into a flat sequence of 1s and 0s, then taking that sequence of 1s and 0s (possibly at another place, possibly at another time) and reconstructing the original complicated ‘something’.” • http://www.parashift.com/c++-faq-lite/serialize-overview.html

  12. What’s serializable in PHP? • Simple Data (2, “string”, [1, “a” => 2]) • Objects

  13. What’s not serializable in PHP? • Resources • Network Sockets • File Handles • Database Connetions

  14. How do I store things in $_SESSION? • $_SESSION[“thing1”] = 1 • $_SESSION[“my array”] = [1, 1, 2, 3, 5]

  15. How do I retrieve things from $_SESSSION? • $thing1 = $_SESSION[“thing1] • $myArray = $_SESSION[“my array”]

  16. How to destroy a session? • session_destroy() • http://www.php.net/manual/en/function.session-destroy.php

  17. When do I destroy a session • The most common reason to destroy a session is when a user logs out.

  18. Where is the session store • By default the PHP session backend uses files. • http://www.php.net/manual/en/session.configuration.php#ini.session.save-path • http://www.php.net/manual/en/session.configuration.php

More Related