Programming Forums > Web Development and Design > PHP

TerraNerd · Jul 24th, 2004, 11:39 PM

I just need someone to, in a simple way, describe sessions.

kurifu · Jul 25th, 2004, 3:50 PM

Everytime someone connect to your web browser to be served data, your system can automagically and or manually create a session. What this does is assigns a unique session ID that your browser will pass to the webserver through HTTP1.1 headers, or through cookie headers (depending on what your browser supports).

This unique ID links directly to a file in a temporary directory on the server which is used to store variables and objects on the server between pages. The session is not destroyed until the users times out from the server (inactive browsing for a definite period of time, or you manually destroy the session).

If a user logs into a webmail system, you would have to have the client constantly pass the password and username back into the server for every page reload, this is obviously very insecure, so instead you can store this data in the session ($_SESSION superglobal) which will allow the data to be used on different page view/scripts without passing the value back and forth between client and server.

Also if they are purchasing items from your website, instead of storing the shopping cart, including full prices of the purchase on the client end (where they could modify it and rip you off) you would store it in the local session preventing the user from being able to do anything more then reference that session (with the session ID).

Hopefully that clears things up for you...

Pizentios · Jul 26th, 2004, 9:33 AM

sessions are handy.

kurifu · Jul 27th, 2004, 6:17 PM

Actually I try to keep as much data away fromt he client and in the SESSION data as much as possible, in theory this could help to prevent unseen bugs related to malformed request data... which happens all too often if you ask me.

Jul 24th, 2004, 11:39 PM	#1
TerraNerd Programmer Join Date: Jul 2004 Location: Vermont, USA Posts: 65 Rep Power: 5	I just need someone to, in a simple way, describe sessions. __________________ [See a gallery of my Graphic art Here.][Visit my website Here]

Jul 25th, 2004, 3:50 PM	#2
kurifu Expert Programmer Join Date: Jul 2004 Location: Halifax, Nova Scotia (Canada) Posts: 784 Rep Power: 5	Everytime someone connect to your web browser to be served data, your system can automagically and or manually create a session. What this does is assigns a unique session ID that your browser will pass to the webserver through HTTP1.1 headers, or through cookie headers (depending on what your browser supports). This unique ID links directly to a file in a temporary directory on the server which is used to store variables and objects on the server between pages. The session is not destroyed until the users times out from the server (inactive browsing for a definite period of time, or you manually destroy the session). If a user logs into a webmail system, you would have to have the client constantly pass the password and username back into the server for every page reload, this is obviously very insecure, so instead you can store this data in the session ($_SESSION superglobal) which will allow the data to be used on different page view/scripts without passing the value back and forth between client and server. Also if they are purchasing items from your website, instead of storing the shopping cart, including full prices of the purchase on the client end (where they could modify it and rip you off) you would store it in the local session preventing the user from being able to do anything more then reference that session (with the session ID). Hopefully that clears things up for you... __________________ Clifford Matthew Roche <geek@cliffordroche.com> Web Hosting: http://www.crd-hosting.com Consulting: http://www.crdev-consulting.com

Jul 26th, 2004, 9:33 AM	#3
Pizentios Programming Guru Join Date: May 2004 Location: Brandon, Manitoba, Canada Posts: 2,023 Rep Power: 7	sessions are handy. __________________ Profanity is the one language that all programmers understand. Check out my Blog <---updated Nov 30 2007!

Jul 27th, 2004, 6:17 PM	#4
kurifu Expert Programmer Join Date: Jul 2004 Location: Halifax, Nova Scotia (Canada) Posts: 784 Rep Power: 5	Actually I try to keep as much data away fromt he client and in the SESSION data as much as possible, in theory this could help to prevent unseen bugs related to malformed request data... which happens all too often if you ask me. __________________ Clifford Matthew Roche <geek@cliffordroche.com> Web Hosting: http://www.crd-hosting.com Consulting: http://www.crdev-consulting.com

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Programming Forums > Web Development and Design > PHP

Sessions