PHP Sessions
Moderator: General Moderators
PHP Sessions
Aloha again everyone!
I'm just about ready to wrap up my project, and I've been asked to incorporate session variables. Does anyone know any good step by step how-to's for this? I'm very familiar with regular variables, I just have no experience with sessions. I've checked php.net/session, but it's just really confusing.
If someone could help break it down, it would be most appreciated.
Mahalo!
-- Abe --
I'm just about ready to wrap up my project, and I've been asked to incorporate session variables. Does anyone know any good step by step how-to's for this? I'm very familiar with regular variables, I just have no experience with sessions. I've checked php.net/session, but it's just really confusing.
If someone could help break it down, it would be most appreciated.
Mahalo!
-- Abe --
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Fair enough.
Basically, I'm designing a "classified ad' system, and it's being installed within another program. So I'll be passing user variables from the program to mine (to allow single sign-on), and I need to keep track of a few user fields (name, ID #, etc) across all pages within my system. Thus my boss wants me to use session variables to keep track of the user and prevent users doing things to ads they don't own.
-- Abe --
Basically, I'm designing a "classified ad' system, and it's being installed within another program. So I'll be passing user variables from the program to mine (to allow single sign-on), and I need to keep track of a few user fields (name, ID #, etc) across all pages within my system. Thus my boss wants me to use session variables to keep track of the user and prevent users doing things to ads they don't own.
-- Abe --
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
That seems simple enough. First thing to do is make sure that the call to session_start() always happens before output to the browser. Also remember that PHP default Garbage Collection (GC) time is 10 minutes, so unless you change that setting in php.ini (or by using a ini_set value) your sessions time out at 10 minutes. Outside of that, it's really as easy as setting a var value, except that you assign the values to the $_SESSION array var.
Code: Select all
<?php
session_start();
$_SESSION['time'] = time();
$_SESSION['user'] = $_POST['user_id'];
// etc etc
?>So whenever I want the variable value, I just need to call $_SESSION['varnamehere']?Everah wrote:That seems simple enough. First thing to do is make sure that the call to session_start() always happens before output to the browser. Also remember that PHP default Garbage Collection (GC) time is 10 minutes, so unless you change that setting in php.ini (or by using a ini_set value) your sessions time out at 10 minutes. Outside of that, it's really as easy as setting a var value, except that you assign the values to the $_SESSION array var.
Code: Select all
<?php session_start(); $_SESSION['time'] = time(); $_SESSION['user'] = $_POST['user_id']; // etc etc ?>
Also, what is the purpose of
Code: Select all
$_SESSION['time'] = time();Thanks again for your quick and prompt responses!
-- Abe --
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
What I posted earlier were just examples of how to set a session var. I usually use a session time so I can compare session time to actual so when the session craps out I can do something pretty instead of referencing a bunch of index's that don't exist. But that's just me.
As for calling the session var, you are dead on. After setting a session var you call it like you said.
As for calling the session var, you are dead on. After setting a session var you call it like you said.
I seem to be having problems...Everah wrote:As for calling the session var, you are dead on. After setting a session var you call it like you said.
On page one, I have this:
Code: Select all
session_start();
$user = 1;
$_SESSION['time'] = time();
$_SESSION['userID'] = $userID;
echo $userID;Code: Select all
<?php echo $_SESSION['userID'];Also, whenever I load the page with session_start() more than once, I get this:
Any thoughts?Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/laurels/public_html/abe/client/index2.php:11) in /home/laurels/public_html/abe/client/index2.php on line 57
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/laurels/public_html/abe/client/index2.php:11) in /home/laurels/public_html/abe/client/index2.php on line 57
Thanks again for all of your help!
-- Abe --
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Header sent errors means that you are trying to call session_start() after outputing something to the browser. Doing that kills your cookie settings (PHP cookie based sessions) and will not let the session data transfer (because the cookie cannot be set).Everah wrote:First thing to do is make sure that the call to session_start() always happens before output to the browser.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
This error is telling you that in index2.php (possibly an included file?) that on line 57 there is something being output to the browser before the session_start() call.Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/laurels/public_html/abe/client/index2.php:11) in /home/laurels/public_html/abe/client/index2.php on line 57
Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/laurels/public_html/abe/client/index2.php:11) in /home/laurels/public_html/abe/client/index2.php on line 57
My typical PHP pages that use sessions will look like this...
Code: Select all
<?php
session_start();
// the rest of my code
?>- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
I think it is common practice to put this PHP block before any HTML. You build all the output into variables and then embed it into the HTML, such as:BigAbe wrote:I'm moving it above all of the output, and even into the <head> but, I'm still getting the error.
Code: Select all
<?php
session_start();
// the rest of my code
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><?php echo $title; ?></title>
...(#10850)
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Thanks a bunch Everah and arborint! It's working now, but I just have a few more questions regarding sessions.I think it is common practice to put this PHP block before any HTML. You build all the output into variables and then embed it into the HTML, such as:
1) How do I handle timeouts and/or specifying how long I want the user to stay "logged in"?
2) Do you recommend keeping the connection data in a session variable? I have one main index page with tons of include() statements, so I can easily just keep the connection details there, but if there's an easier/better way of doing it, I'd love to hear your thoughts.
Thanks!
-- Abe --