Siksha Sarovar

Siksha Sarovar (sikshasarovar.com) is a free educational web application that helps students in India learn programming and prepare for academic and competitive exams. The platform offers structured coding courses (C, C++, Python, Java, HTML, CSS, PHP, Power BI, AI, Machine Learning, Data Science), complete university curriculum notes for BCA/MCA students with previous year question papers, Class 10 and Class 12 CBSE/HBSE school notes, and dedicated preparation material for SSC, UPSC, Banking, Railway and other government exams. Browsing the site is completely free and requires no account. Users may optionally sign in with Google solely to save their learning progress, quiz scores and personal preferences across devices.

Privacy Policy | Terms of Service | Contact Siksha Sarovar | About Siksha Sarovar

v4.0.9 · PWA
Siksha Sarovar logo
Siksha Sarovar
Your Learning Universe

Siksha Sarovar is a free e-learning platform for coding courses, BCA university notes and competitive exam preparation. Optional Google sign-in saves your learning progress across devices.

Initializing knowledge base…
Compiling modules 0%

30. Sessions in PHP

Lesson 27 of 29 in the free PHP Programming notes on Siksha Sarovar, written by Rohit Jangra.

Sessions in PHP

What is a Session?

A session is a server-side storage mechanism used to store user data across multiple pages.

Exam Definition: A session stores user data on the server and is identified using a unique session ID.

---

Why Sessions are Needed

  • Store sensitive data securely
  • Maintain login status
  • Track user activity
  • Handle shopping carts
Exam Line: Sessions are more secure than cookies.

---

Session Variables

Session variables store data inside the $_SESSION superglobal.

Starting a Session

session_start();

Setting Session Variables

$_SESSION["username"] = "Rohit";
$_SESSION["role"] = "Admin";

Accessing Session Variables

echo $_SESSION["username"];

---

Creating and Destroying a Session

Create Session

session_start();
$_SESSION["user"] = "Admin";

Destroy Session (Logout)

session_start();
session_destroy();
Exam Tip: session_destroy() removes all session data.

---

Retrieving and Setting the Session ID

Get Session ID

session_start();
echo session_id();

Set Custom Session ID

session_id("ABC123");
session_start();
Exam Line: Session ID uniquely identifies a user session.

---

Encoding and Decoding Session Data

Session data can be encoded for security and storage.

Encoding Session Data

$data = serialize($_SESSION);

Decoding Session Data

$_SESSION = unserialize($data);
Exam Definition: Serialization converts session data into a storable format.

---

Auto-Login Using Cookies + Sessions

Auto-login allows users to remain logged in even after closing the browser.

Working Logic

  1. User checks “Remember Me”
  2. Cookie stores user token
  3. On next visit, cookie validates user
  4. Session auto-starts

Example

// Set cookie
setcookie("remember_user", "Rohit", time()+86400*7, "/");

// Auto login
if(isset($_COOKIE["remember_user"])){
   session_start();
   $_SESSION["user"] = $_COOKIE["remember_user"];
}
Exam Tip: Auto-login combines cookies and sessions.

---

Recently Viewed Document Index

This feature stores recently accessed pages using sessions.

Logic

  • Store page names in session array
  • Maintain limited history
  • Display recently viewed items

Example

session_start();

$page = "PHP_Tutorial";

$_SESSION["recent"][] = $page;

// Limit to last 5 pages
$_SESSION["recent"] = array_slice($_SESSION["recent"], -5);

Display Recently Viewed Pages

foreach($_SESSION["recent"] as $p){
   echo $p."<br>";
}
Real-time Use: E-learning platforms, documentation sites.

---

Cookies vs Sessions (Exam Comparison)

FeatureCookiesSessions
StorageClient-sideServer-side
SecurityLowHigh
Data SizeLimitedLarge
ExpiryUser-definedServer-controlled
SpeedFasterSlightly slower

---

Security Best Practices

  • Avoid storing passwords in cookies
  • Use HttpOnly & Secure flags
  • Regenerate session ID after login
  • Set session timeout
  • Destroy session on logout