PHP Session and Variable Usage

- A Simple Guide on PHP Session Usage and Session Variables


- superglobals

: available in all scopes throughout a script with no need to reference them via $GLOBAL variables.

: when in use, all superglobals have a session id, but this ceases to be available should all the variables associated with that superglobal be destroyed.
|
$GLOBALS
$_SERVER
$_GET
$_POST
$_FILES
$_COOKIE
$_SESSION
$_REQUEST
$_ENV

https://www.php.net/manual/en/language.variables.superglobals.php

- $GLOBALS

: superglobals in associative array form, eg: $SESSION["test"]. As associative arrays, these are persistent, ie: always available, and can be referenced in all scopes throughout a script; however, their associated arrays can be cleared, or destroyed.

- global

: allows a variable to be referenced globally when preceeded with global, eg: global $test in the script on one page can be referenced by a script on another without any need to re-state the value of $test on the other page(s).

: alternatively, global $test could be expressed in the form $GLOBALS['test'].

: similarly, global $test could be used to reference a function and that function could, in turn, contain a superglobal or a $GLOBAL (superglobal in associative array form).

: all globals, whether expressed as global $variable or in the form $GLOBALS['variable'], have a session id which needs to used in conjunction with session_destroy() if the session is to be completely destroyed. Note: destroying a session will also destroy any variables associated with that session.

https://www.php.net/manual/en/reserved.variables.globals.php

- local variables

: these are variables that only exist within the scope of the current script, eg: $variable, and can be unset().

https://www.php.net/manual/en/language.variables.scope.php

- unset()

: can only be used to destroy local variables, so $test could be destroyed using unset($test), but not if it was initially created via global $test. This can also be used to clear single instances of session variable, but should not be used as a method of clearing all or multiple instances of session variables.

- in summary:

: unset() should be used only for local variables and not for clearing all the variables within a given global, so this could be used to clear test from $_SESSION["test"], and effectively destroy the session at the same time, but would not destroy the global of global $test, as the underlying global would still remain due to the subtle differences between global / $GLOBALS and superglobals.

: $_SESSION = array() should be used for clearing all or some of a session's variables (but, this being an associative array, there are alternative methods that work, too); likewise, it can also be used to selectively define which variables should be set in the current session.

: session_destroy() does just that. When dealing with a superglobal, destroying or unsetting its variables will effectively destroy the session, too; otherwise, if dealing with a non-superglobal global, the session will persist unless destroyed even if all of its variables have been unset or destroyed.

In the case of non-superglobal globals, whether created as a global or in the form $GLOBALS[''], these can be destroyed using the session id in conjunction with session_destroy(), eg: session_destroy('cvxczvillq9f3pj08vjb1').

Also:

session_reset(): re-initialize session array with its original values

https://www.php.net/manual/en/function.reset.php

session_regenerate_id(): update the current session id with a newly generated one

https://www.php.net/manual/en/function.session-regenerate-id.php



To Fart or Not

To fart with strength is quite some feat,
To burn a hole through the seat,
Yet leave the pants quite intact,
Is a science inexact.

- ©JB "That Damned Treehugger", 04.06.2020




- @: Ex5NY27U corequery.uk

- secure email address as detailed above -

IPv6 Ready
Valid CSS!
🔒insurgent.info
insurgent.info