Example of using PHP Sessions

Ok now, I want share about sessions using php. And what is sessions?

A PHP session variable is used to store information about, or change settings for a user session. Session variables hold information about one single user, and are available to all pages in one application.
When you are working with an application, you open it, do some changes and then you close it. This is much like a Session. The computer knows who you are. It knows when you start the application and when you end. But on the internet there is one problem: the web server does not know who you are and what you do because the HTTP address doesn’t maintain state.

A PHP session solves this problem by allowing you to store user information on the server for later use (i.e. username, shopping items, etc). However, session information is temporary and will be deleted after the user has left the website. If you need a permanent storage you may want to store the data in a database.

Sessions work by creating a unique id (UID) for each visitor and store variables based on this UID. The UID is either stored in a cookie or is propagated in the URL.

For more info about php session, read this http://www.php.net/manual/en/features.sessions.php and http://www.w3schools.com/php/php_sessions.asp
And this is an example coding with php sessions. I use sessions to create the login form validation. So, example in my browser, if i’ve login, and I open a new tab or I close the web and I not logout. So I do not need to login again.

  1. First, we must create some function to validate login form. Example code:
    class User 
    	//private variabel for session data
    	private $user;
    	//function for check username and password
    	function check_login($username, $password) {
    		//get username value and save to private variabel
    		$this->user = $username;
    		//checked username and password
    		if($username = "admin" && $password = "password") {
    			//if username and password true, then create session.
    			$_SESSION['login'] = true;
    			$_SESSION['id'] = $this->user;
    			return true;
    		} else {
    			//if username and password false
    			return false;
    	//function for delete sessions
    	function session_logout() {
    		//delete all sessions
    		//redirect to form login
    		header("location: index.php");
  2. And now, create login form page..
    //if we use session, use this code
    //include class.php file
    require_once "class.php";
    //instance objek, because we use OOP
    $user = new User();
    //if user has login and session has not been removed
    if(isset($_SESSION['login'])) {
    	//redirect to file admin.php and don't need login again
    	header("location: admin.php");
    //if file index.php get post data
    if($_POST) {
    	//checked that post using function check_login (from file class.php)
    	$login = $user->check_login($_POST['username'], $_POST['password']);
    	if($login) {
    		//if true, redirect to admin.php
    		header("location: admin.php");
    	} else {
    		//if false, we must login again.
    		$error = "Sorry username or password is wrong!!";
    <!DOCTYPE html>
    	<title>Form Login</title>
    	<h1>Form Login</h1>
    	<p><?php echo (isset($error)) ? $error : ""; ?></p>
    	<form method="post" name="login">
    		<label>Username</label><br />
    		<input type="text" name="username" required /><br />
    		<label>Password</label><br />
    		<input type="password" name="password" required /><br />
    		<input type="submit" value="Login" />
    		<button type="reset">Cancel</button>
  3. And the last, we must create file redirect if user success login.
    //if we use session, use this code
    //include file class.php
    require_once "class.php";
    //instance objek user from class.php
    $logout = new User();
    //if user open this page and haven't login, redirect to login form
    if(!isset($_SESSION['login'])) {
    //if user click logout link
    if($_GET && $_GET['page']) {
    <!DOCTYPE html>
    	<title>Admin Page</title>
    Hello <b><?php echo $_SESSION['id'] ?>!</b><br />
    <a href="?page=logout">Logout</a>

And now open the index.php file in localhost.
Example result:

If user haven’t login (From Login)

If User success login

And this is question from me­čść

  1. What happen if we open admin file before login?
  2. What happen if we open index file if we has login?


  1. Hai Friends,
    I got a job by saying this answer in my last interview. thanks for awesome help.
    I got more idea about PHP from Besant Technologies. If anyone wants to get phptrainingchennai.in visit Besant Technologies.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s