Bummer! This is just a preview. You need to be signed in with a Basic account to view the entire video.
Reading, Writing and Destroying Sessions5:27 with Alena Holligan
A "Session" is a term referring to a user's time browsing a web site. It's meant to represent the time between a user's first page view on a particular site, until the time that user is finished at that site. PHP offers us the ability work with "session variables" which are available for the duration of a user's session
Learn more about Escaping Output
Changing Session Timeout
By default the session timeout is 1440 seconds, which is 24 minutes. One of the most basic examples to change the session timeout is as follows:
// server should keep session data for AT LEAST 1 hour ini_set('session.gc_maxlifetime', 3600); // each client should remember their session id for EXACTLY 1 hour session_set_cookie_params(3600); session_start();
For more details on PHP settings, check out the course on Basic Error Handling in PHP.
A session is a term referring to a user's time browsing a website. 0:00 It's meant to represent the time between a user's first page view on a particular 0:05 site until the time when that user is finished at that site. 0:09 It's impossible to know for sure when a user is done with a site. 0:14 Instead, the session is terminated in one of two ways. 0:18 Either the user closes the browser, or the session times out when a request 0:23 has not been made within a certain amount of time. 0:27 By default, a PHP session is set to timeout after 1440 seconds, 0:30 which is 24 minutes. 0:36 PHP offers us the ability to set variables that are available for 0:38 the duration of a user's session. 0:42 These are called session variables. 0:45 Let's go back into workspaces and set some session variables based on user input. 0:47 Open play.php. 0:53 To access sessions, we first need to start the session. 0:55 We use session_start. 0:58 This should be called before anything is output to the browser, so 1:02 it's usually best to place this call at the top of the file. 1:05 Next, we check if a word has been posted if 1:09 (isset($_POST['word'])). 1:14 If so we can add a session variable, $_SESSION['word']. 1:22 We can use the page variable to define which word this is, either by adding it to 1:30 the variable name itself, +$page, or by making the session variable an array. 1:35 Since we post to the page number after the word, we should use page-1. 1:44 Then as always, filter user input. 1:52 INPUT_POST. 1:58 'Word'. 2:01 FILTER_SANITIZE_STRING. 2:04 To make sure our session is working, let's var_dump the session variable. 2:09 Now, let's try out our game in the browser again. 2:15 After we enter the word and push Submit, 2:27 we can see that our session variable word is an array. 2:29 The key of one equals our first word. 2:33 Let's go back to workspaces and use these variables in the story before we continue. 2:36 We can remove our var_dump and open story.php. 2:41 At the top we have five word variables. 2:47 Let's set these variables to the session variable. 2:50 We start by adding a session_start to the top of the file. 2:53 We also want to escape our user data so we use the function htmlspecialchars, 2:57 _SESSION['word]. 3:12 Let's finish running through our game now. 3:35 Great, we keep track of each word the user enters and 3:54 then use those words to write our story. 3:57 There's one last thing that we should look at. 4:00 That is, removing session variables. 4:02 If the user chooses Play Again, we should clear the current session variables. 4:05 Let's go back to play.php If they come 4:09 to this page without a p parameter, we should clear the session variable. 4:14 We can clear individual session variables just like we would any other variable, 4:20 either setting them to an empty variable. 4:24 Or calling the unset function on that variable. 4:34 To unset all session variables at once, we should instead, 4:45 use the function session_destroy. 4:48 Now, let's go back to the browser. 5:00 If we navigate to the welcome page. 5:03 And then go back to the story, the session variables are still set. 5:06 If we choose Play Again and then go back to our story, 5:10 the errosr show us that the session variables are no longer available. 5:15 This also shows us some more logic we should add, making sure that the required 5:19 session variables are set before attempting to write the story. 5:23
You need to sign up for Treehouse in order to download course files.Sign up