0

Is PHP session data associated with a particular web page or PHP file? In other words, if a session is created in foo.php, would it's session data be accessible from bar.php, assuming that neither reference the other and both are accessed directly from the web browser.

If it is file specific, how does this work with include()s? For example, if foo.php creates a session, then includes bar.php, can the code in bar.php access session data? How about if the session is created in bar.php? Would the data then be specific to bar.php or foo.php?

Laef
  • 1,086
  • 2
  • 11
  • 27
  • 1
    `sessions` are accessible in each `http request` in which you start the session with `session_start`. Has nothing to do with the file you are in – DarkBee Sep 18 '16 at 19:07
  • http://stackoverflow.com/questions/576535/cookie-path-and-its-accessibility-to-subfolder-pages – JOUM Sep 18 '16 at 19:08
  • @JOUM So PHP sessions are associated only with the cookie (or URL parameter) used for identification, not with a cookie _and_ file or URL? – Laef Sep 18 '16 at 19:10
  • @laef Sry, forget my last comment. I was on a diff. planet – JOUM Sep 18 '16 at 19:15
  • Sessions are a little complexe, lets in say in a short way: each file could have his on session, but then not for different user and also can access his own data (but normllay nobody does that) :) read about session_name session_start, session_close, session_id and all other session functions. – JOUM Sep 18 '16 at 19:21

3 Answers3

2

Yes, session data is available across different files and requests, that is the whole point of sessions: to provide state where the HTTP protocol doesn't. You could look upon the session as a small storage on the web server for your code to store limited data in.

If your foo.php starts a session and then includes bar.php, the code in bar.php will indeed be able to access the session. If your bar.php executes the session_start() then the foo.php can access the session from then on (so after the include()).

Please do remember: a session is unique to a specific browser and volatile. I.e: close the browser and the session will become inactive, inaccessible and expire (usually after 30 minutes).

Note:- modern browsers have the ability to reconnect with session.

Deepak Dholiyan
  • 1,774
  • 1
  • 20
  • 35
kathmann
  • 135
  • 6
1

Session data is available across all pages in php. Generally we start session(session_start()) in file(config file) which is included in all files.

So if you do not have a common file or do not want to define globally then you need to start session_start() in every file.

Deepak Dholiyan
  • 1,774
  • 1
  • 20
  • 35
0

I give answer to bar.php or foo.php includes each other.

  • There is always a first file that was not included and call via browser or shell
  • All other files are included after that (in witch order is on you)
  • If you are include a file it is almost like merging some code blocks, nothing special.
  • After one file called session_start the session is present in PHP
  • So whatever file is now or later included has access to the session data
  • But the next file that does session_start again will throw a notice, because the session is already started
  • Also a file (or better the code in file) can do session_close and some other stuff to open a new session
JOUM
  • 269
  • 2
  • 3