Sessions and cookies are the global storage used to store data to be persistently available all over the site. These globals can be accessed from anywhere.
In PHP, there are predefined global array variables $_SESSION and $_COOKIES to contain session and cookies data, respectively. Sessions are stored in the server and the cookies are preserved only at the client-side browser level.
In this tutorial, we are going to learn how to create, access and destroy PHP sessions and cookies variables. Also, we are going to learn how to set an expiration time for session and cookies data.
In a previous tutorial, while discussing the features of PHP, we have seen super global variables.
In this section, we are going to see the following to work with PHP sessions. These are,
PHP has a built-in function named as session_start(). This function is used to start a new session or to resume an existing session. By starting the session, it will call session handlers to read and return current session data by using the callback functions.
As of PHP version 7, this function can have an associative array of options as its argument. Using these options, we can overwrite the default session configurations.
The $_SESSION array is used to create a session variable. In the following code, I have created a new session with the index named as tagName.
<?php session_start(); $_SESSION["tagName"] = "PHP"; ?>
Once the data is stored in a session variable, then it is in the global scope and can be accessed from any PHP file.
<?php session_start(); $tag = $_SESSION["tagName"]; echo "Welcome to $tag world!"; ?>
PHP provides functions to clear existing session data. Those are, session_destroy(), session_unset() and more.
The session_destroy() function is used to clear all the current session data. After destroying the session, we have to reload the page to see that the session is cleared.
To make the session_destroy() action to show immediate effect, we can call session_unset() or unset() function to clear session data. Code shows an example to clear session variable.
<?php session_start(); session_destroy(); echo $_SESSION["tagName"]; // session remains until refresh unset($_SESSION["tagName"]); echo $_SESSION["tagName"]; // session no more; ?>
In this section, we are going to learn how to set data to the cookies array and use them all over the site.
In PHP, we can set cookies by using setcookie(), setrawcookie() or header() function. setrawcookie() is the same as setcookie(), but differs by setting the raw value of the cookie with the header without encoding.
These functions must be used before sending any output to the browser. Otherwise, the cookie data will not be set with the header information.
While setting cookies, it needs information like cookies name, domain, expiration time and more. The following code shows the usage example for setting cookies by using the header() and setcookie() functions.
<?php header("Set-Cookie: platform=php; expires=Mon, 20-April-13 17:30:48 GMT; path=/; domain=phppot.com"); ?>
<?php setcookie("platform", "php", time() + 7200, "/", ".phppot.com", 0); ?>
PHP cookies can be accessed by using the $_COOKIE variable. Also, we can use the other superglobals like the $_SERVER, $_ENV and PHP getenv() function to access cookies by specifying HTTP_COOKIE index as shown in the code below. But, $_COOKIE has guaranteed access to all the servers compared to the other global variables. Because some server configurations will not allow us access $_SERVER, $_ENV variables.
<?php echo $_COOKIE["platform"]; // Output: php // OR echo $_SERVER[‘HTTP_COOKIE’]; // Output: platform=php echo getenv(‘HTTP_COOKIE’); // Output: platform=php ?>