A session
manages the interaction between a web browser and a web server. For example, a
session allows an application to track the items in a shopping cart, the status
of a customer account application process, whether or not a user is logged in,
or the finalizing of an order. Sessions are essential to most web database
applications.
A session has two components: session
variables and a session identifier (ID). The
session variables are the state information that's related to a user's
interaction with an application. For example, the session variables might store
that the user's shopping cart contains five items, what those items are, their
price, what items the user has viewed, and that the user is logged into the
application. The session variables are stored at the web server or database
server, and are located using the session ID.
When a session is started, the user's browser is given a
session ID. This ID is then included with subsequent requests to the server.
When a browser makes a request, the server uses the session ID to locate the
corresponding session variables, and the variables are read or written as
required. In practice, session variables are typically stored at the web server
in a file (the PHP default) or at the database server in a table.
Shows how the
session variables for Beth's session are identified and stored in the web server
environment; the session ID distinguishes between Beth's session and other users
of the system.
Using sessions, all of the variables that represent the state
of an application don't need to be transmitted over the Web. The session ID is
transmitted between the browser and server with each HTTP request and response,
but the session data itself is stored at the server. The session ID is therefore
like the ticket given at a cloakroom. The ticket is much easier to carry around
and ensures that you get back your own hat and coat. Storing variables at the
server also helps prevent accidental or intentional tampering with state
information.
The session ID is usually transmitted as a cookie . A cookie is a named piece of text that
is stored in a web browser, and is sent with HTTP requests, like data sent with
the GET or POST methods. You can find out more about cookies
from the interesting Cookie Central web site at http://www.cookiecentral.com/faq/ or more formally in RFC 2109
at http://ietf.org/rfc/rfc2109.txt?number=2109.
Free Download
Free Download