Session (data-processing)

In data processing, a session is the execution of a program for a given user. The execution of the program is then parameterized by information user profile (his characteristics, his preferences, the history of its Interaction S with the program, etc)

Course of a session

A session starts when the user starts to interact with a program.

The opening of session can be:

Clarifies, with a seizure of a name and a Password. One speaks then about Authentification or Connection. This authentification can however be automated, when a particular mechanism replaces the user by indicating for example to his place its information of connection. It is the case for example when a sub-session is started (one can profit from the principal authentification).
Implicit, when there does not need to indicate a Identifiant or a password. This type of session is very often limited in terms of rights and thus of effects.

According to any logic, a session should finish when the user stops making use of the system. In practice, except the cases where one has a voluntary request for stop of the session (a such disconnection), the user can always leave the program in the course of session and return thereafter. That is not without posing problems, in particular as regards safety. The originator of the program can then impose time limits of inactivity or an expiry: spent a certain time, the session is invalidated.

Information of sessions

The information of session are stored in a user profile (in general, a whole of Variable S). They can be fugacious or stored in the middle to long term in a whole of files, entries in a Database, etc They are either in charge with the opening of session, and updated at the end, or dynamically during the interactions.

Certain sensitive informations of the session must be isolated and/or protected by rights of access, while others can be divided by several profiles.

Use of the sessions

The Informatique often calls upon the concept of session:

In the multi-user operating systems. They make it possible each one to work independently of the others in distinct processes, with its clean variable of environment.

In the protocols networks, one can quote the example of the sessions HTTP which make it possible to carry out applications Web to the top of the protocol HTTP. With the first visit of a page, a Web server request with the customer to preserve a cookie session. This cookie which contains a simple identifier. When the user passes on another page of the site, the cookie is sent to the Web server at the same time as the request HTTP which can then find the session of a user.

Sessions PHP

The sessions are essential as soon as a site comprises a members part. It are protected than the Cookie S. They make it possible to keep in memory on the waiter each person, identified or not, visiting the site. The functions of sessions always owe beings called before the writing of code HTML. Thus, the first thing advised to make on each page is: session_start ();

The variables of sessions are called variable superglobales, because they are always there, even if the page is reloaded by the waiter. The sessions have a life time defined by the waiter. This time generally varies between 5 and 30 minutes.

The variables of sessions are stored in a table PHP simple called $_SESSION.

Here how to define a variable of session: $_SESSION = $variable; The variables of sessions are recovered as follows: $variable = $_SESSION;

Here a sure method in order to destroy a session in the event of disconnection (manual or forced): $_SESSION = array (); //Ecrase variables of sessions by recreating an empty table session_destroy (); //Supprime the file waiter of the session

The files of sessions safeguarded on the waiter have this format: > Name of the file > sess_fe089db4fa4f15978286da2432db9ab3 > Contents > id|I: 1; name|S: 6: " Didjor" ;

Let us look at more closely what defines a variable of session: > Name|Type: Char_nb: Been worth; ; Name: Name of the variable superglobale ; Type: Type of data. I represents integer and S string ; Char_nb: Many characters of the variable ; Value: Value of the variable. It is between quotation marks if its type is String

Internal bonds

External bonds

FAQ on sessions PHP
To make safe the session user of an application Web

Random links: