Authenticate and Track Users with PHP
Page 6 —
Sessions! Sessions Are the Answer!
|
OK, sessions are the answer, but what's the question? How do I maintain user-specific information without setting multiple cookies and making numerous calls to a database?"
If you're using PHP 4, then sessions are the answer! OK, OK, if you're still using PHP 3 in a production environment (and many folks are, including me), you can use the PHPLIB base library and the session management techniques it employs.
In terms of time, a session is the duration of a user visit. In the programming world, a session is an ethereal blob that can hold all sorts of variables and values. This blob of stuff, also known as a session object, has an identification string. The identification string, such as 940f8b05a40d5119c030c9c7745aead9, is sent to the user via a cookie called
PHPSESSID. On the server side, a matching temporary file (think of it as the physical representation of the session object) is created with the same name (i.e., 940f8b05a40d5119c030c9c7745aead9).
Each session object has variables registered with it. Inside the session file, on the server, the registered variables and their values are kept safe and sound. Since these values and variables are not kept in a database, no additional system resources are required.
For example, the session file may look like this:
|
count|s:7:"76";
valid|s:7:"yes";
|
The terms "count" and "valid" are the names of the registered variables and "76" and "yes" are their respective values. You can access these variables and their unique values for each user by calling the variable name (e.g., $count).
So, let's say you have something like this in your script:
|
echo "
$count
";
|
The PHP engine will zoom off with the value $PHPSESSID (the unique user session ID stored in a cookie), match it to a temporary session file, look for "count," find its value (say, "76"), and return it to you.
Let's go ahead and use a simple access counter to get used to the idea of sessions and session variables. At the beginning of your page, call the session_start() function. This function serves two purposes: First, it checks to see if a session has been started for this user and starts one if none exists; second, it alerts the PHP engine that session variables and other session-related functions will be used within the specific script. Then we register our first variable, "count."
|
<?
// if a session does not yet exist for this user, start one
session_start();
session_register('count');
?>
|
For as long as this session exists, a variable called count also exists. Currently, the variable has no value. However, if you increment it, it will have a value of one. Take a look:
|
<?
// if a session does not yet exist for this user, start one
session_start();
session_register('count');
// increment count
$count++;
?>
|
To show users how many times they've accessed certain pages in their current session, just throw an echo $count into the mix.
The entire script looks like this. Try it and count along!
|
<?
// File name: count_me.php
// if a session does not yet exist for this user, start one
session_start();
session_register('count');
$count++;
echo "<p>You've been here $count times. Thanks!</p>";
?>
next page»
|
|
