PHP Session Vs Cookies

by Vincy. Last modified on July 1st, 2022.

Sessions and cookies are the global storage used to store data to be persistently available all over the site. These globals can be accessed from anywhere.

In PHP, there are predefined global array variables $_SESSION and $_COOKIES to contain session and cookies data, respectively. Sessions are stored in the server and the cookies are preserved only at the client-side browser level.

In this tutorial, we are going to learn how to create, access and destroy PHP sessions and cookies variables. Also, we are going to learn how to set an expiration time for session and cookies data.

In a previous tutorial, while discussing the features of PHP, we have seen super global variables.

Working with Session

In this section, we are going to see the following to work with PHP sessions. These are,

  • Starting session
  • Storing session variable
  • Accessing session variable
  • Clearing session variable

Starting Session

PHP has a built-in function named as session_start(). This function is used to start a new session or to resume an existing session. By starting the session, it will call session handlers to read and return current session data by using the callback functions.

As of PHP version 7, this function can have an associative array of options as its argument. Using these options, we can overwrite the default session configurations.

Storing Session Variable

The $_SESSION array is used to create a session variable. In the following code, I have created a new session with the index named as tagName.

<?php
session_start();
$_SESSION["tagName"] = "PHP";
?>

Accessing Session Variable

Once the data is stored in a session variable, then it is in the global scope and can be accessed from any PHP file.

<?php
session_start();
$tag = $_SESSION["tagName"];
echo "Welcome to $tag world!";
?>

Clearing Session Variable

PHP provides functions to clear existing session data. Those are, session_destroy(), session_unset() and more.

The session_destroy() function is used to clear all the current session data. After destroying the session, we have to reload the page to see that the session is cleared.

To make the session_destroy() action to show immediate effect, we can call session_unset() or unset() function to clear session data. Code shows an example to clear session variable.

<?php
session_start();
session_destroy();
echo $_SESSION["tagName"]; // session remains until refresh
unset($_SESSION["tagName"]);
echo $_SESSION["tagName"]; // session no more;
?>

PHP Cookies

In this section, we are going to learn how to set data to the cookies array and use them all over the site.

Setting cookies

In PHP, we can set cookies by using setcookie(), setrawcookie() or header() function. setrawcookie() is the same as setcookie(), but differs by setting the raw value of the cookie with the header without encoding.

These functions must be used before sending any output to the browser. Otherwise, the cookie data will not be set with the header information.

While setting cookies, it needs information like cookies name, domain, expiration time and more. The following code shows the usage example for setting cookies by using the header() and setcookie() functions.

<?php
header("Set-Cookie: platform=php; expires=Mon, 20-April-13 17:30:48 GMT; path=/; domain=phppot.com");
?>

or

<?php
setcookie("platform", "php", time() + 7200, "/", ".phppot.com", 0);
?>

Accessing cookies

PHP cookies can be accessed by using the $_COOKIE variable. Also, we can use the other superglobals like the $_SERVER, $_ENV and PHP getenv() function to access cookies by specifying HTTP_COOKIE index as shown in the code below. But, $_COOKIE has guaranteed access to all the servers compared to the other global variables. Because some server configurations will not allow us access $_SERVER, $_ENV variables.

<?php
echo $_COOKIE["platform"]; // Output: php
                           // OR
echo $_SERVER[‘HTTP_COOKIE’]; // Output: platform=php
echo getenv(‘HTTP_COOKIE’); // Output: platform=php
?>

Comments to “PHP Session Vs Cookies”

Leave a Reply to Vincy Cancel reply

Your email address will not be published. Required fields are marked *

↑ Back to Top

Share this page