As seen in What is HTTP Sessions, a session ia a way to persist user data (or software needs data) across several requests from the same Http client.

In PHP, a SESSION is a global array used to store information about a user’s individual session. It’s a way that enables you to create personalized applications that recognize users between multiple page visits or even multiple sessions.

Some Ccmmon use cases are:

  • Personalized Greetings: You can greet users by their name when they return to your site.
  • Shopping Carts: Store items that users have added to their cart, so they don’t lose them while browsing.

Understanding PHP Sessions

  • PHP Session Storage

The $_SESSION global array in PHP allows you to store data that you want to preserve across different user requests or page visits.

  • Starting PHP Session

When a visitor comes to your site, PHP will automatically look to see if there’s a session already started. This happens if the session.auto_start is set to 1 in your PHP configuration. So we have thw ways to start a session in PHP:

  1. Automatic PHP Session Start

As already said, if session.auto_start is set to 1, PHP will automatically check if there’s a specific session ID sent with the user’s request. If this configuration is set to 0, you must manually start the session.

Next in this post, you’re gonna read about how to configure the session.auto_start directive in PHP.

  1. Manual PHP Session Start

If you want to start the session manually, you can use the session_start() function in your code. This lets you control when the session is started.

  • PHP Recreating a Prior Environment

If PHP finds a specific session ID that was sent with the user’s request, it will recreate the environment that was saved during the previous visit / request. This means that any data stored in the $_SESSION array from before will be available again.

Storing and Retrieving PHP Session Data

Sessions are a lot like a virtual locker for your website’s users. They can store personal data and preferences, making the browsing experience much smoother. In PHP, this locker is called the $_SESSION superglobal array. Let’s see how it works:

Storing Data in a PHP Session

Storing data in a session using PHP is really easy. Here’s how you can do it:

Considering session is started: As already said, before storing any data, make sure you’ve started the session.

Add Data: You can store data by simply setting a key-value pair in the $_SESSION array, like this examples:

// adding a string to an index
$_SESSION['username'] = 'MazerDev';

// adding an object to an index
$user = new User('MazerDev', '[email protected]');
$_SESSION['user'] = $user;

// adding an array to an index
$_SESSION['fiters'] = [
    'page' => 2,
    'start_date' => '2023-08-17',
    'end_date' => '2023-08-31',
];

That’s It!: The data is now stored in the session and can be accessed across different requests and pages on your software and site.

Retrieving Data from a PHP Session

Ok, on a next request from the user, you want to get that data back. No problem! Here’s how:

Considering session is started: I know, I already said this, but, before storing or retrieving any data, make sure you’ve started the session.

Retrieve the Data: Access the data using the index keys you set earlier, here are some examples on how to do it:

echo "Welcome back, " . $_SESSION['username'] . "!";

echo "The report was sent to e-mail: " . $_SESSION['user']->email . "!";

echo "Showing the records based on the filter: <br/>";
echo "Page ". $_SESSION['page'] ."<br/>";
echo "From ". $_SESSION['start_date'] ." to " .$_SESSION['end_date'];

Simple like that: The data will be available, as magic (no it’s PHP under the hood) even if the user navigates to different pages and routes, as long as the session is active.

TIP -> Security Matters: Be mindful of what you store in sessions. Avoid storing sensitive information like passwords.

How to Configure PHP session.auto_start

Configure PHP session.auto_start in php.ini file:

You can set this directive in your php.ini file, which is the main configuration file for PHP.

  1. Open php.ini: Find and open the php.ini file in your PHP installation directory.
  2. Find session.auto_start: Use a text editor to search for the line containing session.auto_start.
  3. Set the Value: Change the value to 1 (for auto start) or 0 (for manual start).
  4. Example: session.auto_start = 1
  5. Save and Restart: Save the file and restart your web server for the changes to take effect.

Configure PHP session.auto_start in .htaccess File (Apache Servers):

If you’re using an Apache server, you can set this directive in a .htaccess file.

  1. Navigate to Your Project Directory: Open or create a .htaccess file in the directory where your PHP script resides.
  2. Add the Directive: Add the following line to enable auto start: php_value session.auto_start 1
  3. Save the File: No need to restart the server; changes will take effect immediately.

Configure PHP session.auto_start using ini_set() Function (Not Applicable):

While you can use the ini_set() function in your PHP script to set other configuration options, it’s important to note that session.auto_start can’t be changed this way. This directive must be set before the script execution starts, so this alternative is not applicable for session.auto_start.