Session Variables

 

Introduction.  Session variables are usually configured to be volatile/temporary information that resides on a server only for the duration of a particular client session.  For example,
  • maintaining certain shopping basket information while you shop and jump between pages of a web
  • maintaining access rights to pages in the web after you have logged in for a session
  • pulling information from a database to be used for the duration of a session and then writing back whatever changes occurred at the end of a session
  •  

It seems to me that Ullman contradicts himself by saying that session variables are implemented in two different ways

  • purely on the server
  • making use of cookies on the client's computer
    • thus requiring the user to have enabled cookies

I am trying to determine which is true.  I'm hopeful that the first approach is how they actually work since it is much more akin to how I am used to working with session variables in ASPs and JSPs.  If not, it defeats many of the purposes of session variables.  But I digress.

When working with middleware, whether it is ASPs, JSPs or PHP, the developer must understand that different types of variables have different scope.

  • local variables
    • these exist only within a particular page or function
  • posted variables
    • or their essential equivalent "gotten" variables
    • these have a source on a particular form and then exist only for the page they are posted/gotten to
  • cookies
    • written to the client's computer
    • can be accessed from anyplace on the site as long as they haven't expired and they aren't restricted to particular directories
  • session variables
    • these will exist across pages during a session

An Example.  The next example will illustrate the4se different types of scope by taking variables that exist in a form and purely in code on one page and demonstrating how they exist in the page the form is posted to.  This will be done over a series of three pages.

The first page should be called session_page1.php.

 

<html>
<head>
<title>A Page to Illustrate Variable Scope</title>
</head>

<body bgcolor="003044" text="cccccc">
<?php
$local_page1 = "a string for page 1";
session_start( );
$_SESSION["page1"] = "a string for page 1";
?>
<form action="session_page2.php" method = "post">
<table width=500>
<tr>
<td align=center colspan=2><h2>Please enter something in the text box</h2></td>
</tr>
<tr>
<td align=right><b>Textbox1: </b></td>
<td><input type="text" name="textbox_page1", size=20></td>
</tr>
<tr>
<td align=right><b>$local_page1: </b></td>
<td><b><?php echo $local_page1; ?></b></td>
</tr>
<tr>
<td align=right><b>$_SESSION["page1"]: </b></td>
<td><b><?php echo $_SESSION["page1"]; ?></b></td>
</tr>
<tr>
<td align=center colspan=2><input type="submit" name="cmd_submit" value = "Submit Information"></td>
</tr>
</table>
</form>
</body>
</html>

 

Notice how there are values entered in a form, local variables and session variables.  When the submit button is pressed you should see how these variables exist in the next page session_page2.php.

 

<html>
<head>
<title>Another Page to Illustrate Variable Scope</title>
</head>

<body bgcolor="003044" text="cccccc">
<?php
session_start();
$local_page2 = "a string for page 2";
$textbox_page2 = $textbox_page1 . " page 2 words";
$_SESSION["page2"] = "a string for page 2";
?>
<form action="session_page3.php" method = "post">
<table width=500>
<tr>
<td align=center colspan=2><h2>Please enter something in the text box</h2></td>
</tr>
<tr>
<td align=right><b>Textbox2: </b></td>
<td><input type="text" name="textbox_page2", size=20 value="<?php echo $textbox_page1; ?>"></td>
</tr>
<tr>
<td align=right><b>$local_page1: </b></td>
<td><b><?php echo $local_page1; ?></b></td>
</tr>
<tr>
<td align=right><b>$local_page2: </b></td>
<td><b><?php echo $local_page2; ?></b></td>
</tr>
<tr>
<td align=right><b>$textbox_page2: </b></td>
<td><b><?php echo $textbox_page2; ?></b></td>
</tr>
<tr>
<td align=right><b>$_SESSION["page1"]: </b></td>
<td><b><?php echo $_SESSION["page1"]; ?></b></td>
</tr>
<tr>
<td align=right><b>$_SESSION["page2"]: </b></td>
<td><b><?php echo $_SESSION["page2"]; ?></b></td>
</tr>
<tr>
<td align=center colspan=2><input type="submit" name="cmd_submit" value = "Submit Information"></td>
</tr>
</table>
</form>
</body>
</html>

 

This page also initializes its own local and session variables.  It also allows the user to modify what was passed in the text box.

After looking at this you want to submit the form to the next and last page session_page3.php.

 

<html>
<head>
<title>Another Page to Illustrate Variable Scope</title>
</head>

<body bgcolor="003044" text="cccccc">
<?php
session_start();
$local_page3 = "a string for page 3";
$textbox_page3 = $textbox_page2 . " page 3 words";
?>
<form>
<table width=500>
<tr>
<td align=center colspan=2><h2>Please enter something in the text box</h2></td>
</tr>
<tr>
<td align=right><b>Textbox2: </b></td>
<td><input type="text" name="textbox_page3", size=20 value="<?php echo $textbox_page2; ?>"></td>
</tr>
<tr>
<td align=right><b>$local_page1: </b></td>
<td><b><?php echo $local_page1; ?></b></td>
</tr>
<tr>
<td align=right><b>$local_page2: </b></td>
<td><b><?php echo $local_page2; ?></b></td>
</tr>
<tr>
<td align=right><b>$local_page3: </b></td>
<td><b><?php echo $local_page3; ?></b></td>
</tr>
<tr>
<td align=right><b>$textbox_page3: </b></td>
<td><b><?php echo $textbox_page3; ?></b></td>
</tr>
<tr>
<td align=right><b>$_SESSION["page1"]: </b></td>
<td><b><?php echo $_SESSION["page1"]; ?></b></td>
</tr>
<tr>
<td align=right><b>$_SESSION["page2"]: </b></td>
<td><b><?php echo $_SESSION["page2"]; ?></b></td>
</tr>
</table>
</form>
</body>
</html>

 

You should notice how this page modifies some of the earlier variables, how others are lost completely and finally how others endure for the duration of the session.