[solved] session best practices for arrays?

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
robster
Forum Contributor
Posts: 360
Joined: Wed Jul 16, 2003 8:28 am
Location: Sunshine Coast, Australia

[solved] session best practices for arrays?

Post by robster »

I've decided to take the bite and learn about sessions etc. Basically I have a site with a 2 page registration setup and I am a bit sick of passing variables etc, so I thought I'd save them as session data to retrieve when I see fit.

The question is, is there a way to save all my variables (about 20, some with a descriptive text) in one session (cookie) or should I create many (about 20 of them) each with their own variable?

I'm not sure HOW I would do it were I to do it all in one, and I'm not sure if storing 20(ish) session cookies would defeat the purpose?

Any advice would be appreciated.

:)

Rob
Last edited by robster on Sun Jun 12, 2005 1:33 am, edited 1 time in total.
Syranide
Forum Contributor
Posts: 281
Joined: Fri May 20, 2005 3:16 pm
Location: Sweden

Post by Syranide »

I think you jumbled up the session-definition a little.
A session is basically, a cookie with an ID (which is generally discarded when you close the browser), which on the server "links" to a (by default)file, which contains everything stored in $_SESSION.

What you store in the session doesn't really matter as it doesn't get transfered to the user. HOWEVER, do take some precautions as they are reused (naturally), meaning that a session is something that should be concering the current "visitation", such as login and so on, not page-related stuff, as he could very well be surfing using the same session in two windows.

EDIT: (Like storing formdata in a wizard should also be handled with care, preferably using an internal ID to guarantee he isn't surfing two wizards simulatenously and then his attempts would overwrite each other... so everything "state"-related should be stored in otherways or using an ID find it in an array, overkill you might say, it is not necessary, but it isn't all uncommon that people do these things, ALTERNATIVELY start a new session for each wizard, but both have downsides)

Hope it helped.
User avatar
robster
Forum Contributor
Posts: 360
Joined: Wed Jul 16, 2003 8:28 am
Location: Sunshine Coast, Australia

Post by robster »

That's very helpful thank you :)

I had a look at this in the meantime, says all you say and it's a good read (and makes sense with what I'm saying).

http://www.free2code.net/plugins/articl ... php?id=184

I guess the question is then, were I to use sessions to handle a simple registration page (not login or anything else), would sticking them all in one session (as an array) or stick them in many (as individual variables)?

Also, if array is the way to go, could anyone point me in the direction of how to do this (or let me know your method)?

I'm sort of stuck, it's always been a mental block with sessions and cookies, but I can see it's not nearly as hard as I first thought.

Thanks again, :)

Rob
Syranide
Forum Contributor
Posts: 281
Joined: Fri May 20, 2005 3:16 pm
Location: Sweden

Post by Syranide »

you can only have one session per user and page, meaning that you (SHOULD ;)) only use one session too, $_SESSION is an array by default, and is commonly used as $_SESSION['username'] etc etc... (note that you have to start the session before it works properly)

so everything goes in one session, generally you only need cookies for storing autologin/remember data if you use sessions...
User avatar
robster
Forum Contributor
Posts: 360
Joined: Wed Jul 16, 2003 8:28 am
Location: Sunshine Coast, Australia

Post by robster »

so would this code work (assuming all variables have data in them)?

Code: Select all

<?php

session_start(); // start session

$_SESSION['registration_details'] = '$username $password $data_of_birth $location $etc';

?>
(imagine about 20 of those variables though ;)
Is that the syntax? and if so, how does one go about retrieving the data from the array?

I'm sorry to ask what some might see as such simple questions. It really is early days for me still ;)


Thanks again!

Rob
Syranide
Forum Contributor
Posts: 281
Joined: Fri May 20, 2005 3:16 pm
Location: Sweden

Post by Syranide »

your code would be

Code: Select all

<?php
session_start();

$_SESSION['registration_details']['username'] = $username;
$_SESSION['registration_details']['password'] = $password;
$_SESSION['registration_details']['location'] = $location;
// and so on... (you can skip 'registration_details' if you don't want them in a group, this however could be good for readability and to prevent mistakes)
?>
and e.g. in the submissionfile you have this

Code: Select all

<?php
session_start();

echo $_SESSION['registration_details']['username'];
?>
and you would see his submitted username.

(of course both can be used together)
User avatar
robster
Forum Contributor
Posts: 360
Joined: Wed Jul 16, 2003 8:28 am
Location: Sunshine Coast, Australia

Post by robster »

Ahhhh, so simply adding variables to the session, you create an array!
That's amazing! :)

I'll go and see what I can break with this new found knowlege and report back with my results. I am guessing I'll run into a few errors here and there but will work through them (as is part of learning :)).

Thanks so much for such fast and helpful replies :)

Rob
Syranide
Forum Contributor
Posts: 281
Joined: Fri May 20, 2005 3:16 pm
Location: Sweden

Post by Syranide »

btw oh I forgot to say, but if you want to make sure you don't get any errors from PHP

you better

Code: Select all

$_SESSION['registration_details'] = array();
as it isn't an array from start (however, this could add some more thinking as you would have to check if it already exists and so on), so skip it for now to keep things simple, but remember it ;)
User avatar
robster
Forum Contributor
Posts: 360
Joined: Wed Jul 16, 2003 8:28 am
Location: Sunshine Coast, Australia

Post by robster »

Thank you I will (bookmarking this page ;)).

I do have a question regarding creating the session and adding data.
Presuming I state:

Code: Select all

session_start();
at the start of the script, could I then later on in the script in various places, add data to it with the

Code: Select all

$_SESSION['registration_details']['username'] = $username;
then later again, say a page or more down:

Code: Select all

$_SESSION['registration_details']['password'] = $password;
or do they all have to be set at the same time?

I am guessing not as that seems overly restrictive, but best to ask I guess, as it will affect my planning .
Syranide
Forum Contributor
Posts: 281
Joined: Fri May 20, 2005 3:16 pm
Location: Sweden

Post by Syranide »

it is all very intuitive... think of SESSION as nothing more than a variable, which can be kept between pages.

at session_start, $_SESSION is recreated from its previous state (for that ID)

at end of the script $_SESSION is stored so it can be recreated by session_start in another page.

so, with other words, $_SESSION works exactly the same way as any other variable, except it is saved and loaded. (inbetween session_start and end of script there is no difference at all except that it is a superglobal array (if you don't know what it means, just forget it) just as $_GET etc)
Post Reply