/    Sign up×
Community /Pin to ProfileBookmark

when to use session_start()?

Copy linkTweet thisAlerts:
May 18.2014

When should the session_start function be used and what exactly does it do? I read the section in the php manual and some stackoverflow but i don’t have a clear understanding of it

Should I use session_start() on every .php page including the home page or just like the login page?

to post a comment
PHP

4 Comments(s)

Copy linkTweet thisAlerts:
@Error404May 19.2014 — session_start() is meant to be used on any page that will in some way access a $_SESSION variable, whether that means reading the information in it, setting information, unsetting the variable, etc... . When I use it, I always place session_start() at the very top of my page, just so I keep all of my pages somewhat standardized and organized. If the page does not contain session_start(), then you're not going to have access to the $_SESSION variables. In other words, if you have a login page but no session_start() on other pages, then unless you have some other security measure in place, anyone can directly go to that page even if they're not logged in. Depending what you're making, you may not want this. For example:

[code=php]
session_start();
if(!isset($_SESSION['username'])) {
// redirect to log-in
}
[/code]

The above checks whether the $_SESSION variable for the user name is set, meaning the person is logged in. If it's not set, then either the user isn't logged in or there was an error setting the variable. Having this on your home page depends on exactly how you want your home page to behave and whether the content should change based on the user who is logged in.

Note that if you're using $_SESSION variables, you can still use $_GET and $_POST variables, they will not conflict with each other. To avoid confusion, try to make sure that none of your $_SESSION variables use the same index names as your $_POST variables (i.e. so you don't have $_POST['test'], $_SESSION['test'] and $_GET['test']).
Copy linkTweet thisAlerts:
@ytesfay80authorMay 19.2014 — would there be a problem if I used session_start() on a page that wouldn't be using a $_SESSION variable?
Copy linkTweet thisAlerts:
@ginerjmMay 19.2014 — Just make a part of your normal template which you use to develop pages. That way it is always there and should you add a session var later on you don't have to figure out why it isn't working.
Copy linkTweet thisAlerts:
@NogDogMay 19.2014 — would there be a problem if I used session_start() on a page that wouldn't be using a $_SESSION variable?[/QUOTE]

The only "problem" would be the few microseconds* of additional processing time, which 99.99999%* of the time should be of no concern.
____________
  • * 63.7% of all statistics are made up
    • ×

    Success!

    Help @ytesfay80 spread the word by sharing this article on Twitter...

    Tweet This
    Sign in
    Forgot password?
    Sign in with TwitchSign in with GithubCreate Account
    about: ({
    version: 0.1.9 BETA 5.8,
    whats_new: community page,
    up_next: more Davinci•003 tasks,
    coming_soon: events calendar,
    social: @webDeveloperHQ
    });

    legal: ({
    terms: of use,
    privacy: policy
    });
    changelog: (
    version: 0.1.9,
    notes: added community page

    version: 0.1.8,
    notes: added Davinci•003

    version: 0.1.7,
    notes: upvote answers to bounties

    version: 0.1.6,
    notes: article editor refresh
    )...
    recent_tips: (
    tipper: @AriseFacilitySolutions09,
    tipped: article
    amount: 1000 SATS,

    tipper: @Yussuf4331,
    tipped: article
    amount: 1000 SATS,

    tipper: @darkwebsites540,
    tipped: article
    amount: 10 SATS,
    )...