PHP $_SESSION for multiple users at once

Tags: , , , ,



I’m wondering about how the $_SESSION array works. If I have a lot of users using my site do I need to set a subarray for each user? For instance right now I have

$_SESSION['userid'] = $userid;
$_SESSION['sessionid'] = $sessionid;
$_SESSION['ipaddress'] = $ipaddress;

but in order to cope with more users do I need to make a multidimensional array?

$_SESSION[$userid]['sessionid'] = $sessionid;
$_SESSION[$userid]['ipaddress'] = $ipaddress;

Is the $_SESSION global handled per client or just overall? Will having $_SESSION[‘userid’] set on login kick the previous user out and instate the latest logged in user?

Answer

No. There is a seperate $_SESSION created for each user. This is all done by the server, you don’t have to worry about it. When writing your code, treat the $_SESSION as if there was only one user on the site.

Edit: Actually, on thinking about it, it is a very good question to ask. It is good to ask these sorts of questions, it means you are seriously thinking about how your code truly works. Keep asking these things, and keep testing. I have a feeling that one day you will be writing some amazing code.

So on that note, here is some info from the apache site:

What is a session?

At the core of the session interface is a table of key and value pairs that are made accessible across browser requests. These pairs can be set to any valid string, as needed by the application making use of the session.

Keeping sessions on the server

Apache can be configured to keep track of per user sessions stored on a particular server or group of servers. This functionality is similar to the sessions available in typical application servers.

If configured, sessions are tracked through the use of a session ID that is stored inside a cookie, or extracted from the parameters embedded within the URL query string, as found in a typical GET request.

And from the PHP docs on Sessions:

Session support in PHP consists of a way to preserve certain data across subsequent accesses. This enables you to build more customized applications and increase the appeal of your web site.

A visitor accessing your web site is assigned a unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL.

The session support allows you to store data between requests in the $_SESSION superglobal array. When a visitor accesses your site, PHP will check automatically (if session.auto_start is set to 1) or on your request (explicitly through session_start() or implicitly through session_register()) whether a specific session id has been sent with the request. If this is the case, the prior saved environment is recreated.



Source: stackoverflow