INTERNALS OF SESSIONS

18 May

INTERNALS OF SESSIONS

When the session_start is called, PHP is looking for an argument from the client (sent via POST, GET or Cookie) with the name of session.name to retrieve the session ID.

If it finds a valid session ID (there are some syntactical restrictions), it tries to retrieve the session data from the storage (session.save_handler) to store it in $_SESSION.

If it can’t find an ID or the configuration forbids its usage (see session.use_cookies, session.use_only_cookies and session.use_trans_sid), PHP generates a new ID using a hash function (session.hash_function) on data of a source that generates random data (session.entropy_file).

At the end of the runtime, it stores the $_SESSION data in the designated storage.

1. Will session works, if cookies are disabled?
NO. In this case each call to session_start will generate a new ID as it can’t find the previous ID.

Advertisements

One Response to “INTERNALS OF SESSIONS”

  1. Shiplu (শিপলু) April 14, 2010 at 12:28 pm #

    To make it work you have to propagate the session id via url and form requests.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: