So, What Does This Do For Me?
Legitimate question. There are too many ways to use session management and
session variables to include them all here, but I’ll give you an example.
Say you’re building a community site, like I’ve been doing, you might want
to keep the name of the currently authenticated user and perhaps how many new
messages he’s got. In order to keep the load off the database you’re using,
you want to cache the number of messages. You could do this two ways;
session variables to include them all here, but I’ll give you an example.
Say you’re building a community site, like I’ve been doing, you might want
to keep the name of the currently authenticated user and perhaps how many new
messages he’s got. In order to keep the load off the database you’re using,
you want to cache the number of messages. You could do this two ways;
- You could use three cookies:
- authenticated_user – The currently authenticated username (or id)
- num_messages – The number of messages he’s got
- expire_time – When to recache the number of messages
The first method limits security, someone can fake the cookies and virtually
get access to another user’s account. It’s messy because of all the Header()
calls you need to do, it’s overall ugly, and you might get inconsistent data in
case the user refuses to accept one of the cookies.
get access to another user’s account. It’s messy because of all the Header()
calls you need to do, it’s overall ugly, and you might get inconsistent data in
case the user refuses to accept one of the cookies.
With sessions, the user only has to accept one cookie, you keep much better
consistency in your data and you get a bit more security.
consistency in your data and you get a bit more security.
Drawbacks
Session gives you freedom, flexibility and functionality that is assiciated
with any good serverside scripting language. Though, PHP4 session has a few
limitations; first off all, you cannot store objects in the sessions, which
would have been absolutely fantastic, just imagine storing a complete user
object in the session.. Second, storing data in session variables is not
very efficient because PHP4 is using files to store session information, but
overall I’m very satisfied with how PHP4 session management works.
with any good serverside scripting language. Though, PHP4 session has a few
limitations; first off all, you cannot store objects in the sessions, which
would have been absolutely fantastic, just imagine storing a complete user
object in the session.. Second, storing data in session variables is not
very efficient because PHP4 is using files to store session information, but
overall I’m very satisfied with how PHP4 session management works.
Try it out – you’ll like it.
