$_SESSION

(PHP 4 >= 4.1.0, PHP 5, PHP 7, PHP 8)

$_SESSIONSession variables

Description

An associative array containing session variables available to the current script. See the Session functions documentation for more information on how this is used.

Notes

Note:

This is a 'superglobal', or automatic global, variable. This simply means that it is available in all scopes throughout a script. There is no need to do global $variable; to access it within functions or methods.

See Also

add a note

User Contributed Notes 8 notes

up
71
Tugrul
9 years ago
Creating New Session
==========================
<?php
session_start
();
/*session is started if you don't write this line can't use $_Session global variable*/
$_SESSION["newsession"]=$value;
?>
Getting Session
==========================
<?php
session_start
();
/*session is started if you don't write this line can't use $_Session global variable*/
$_SESSION["newsession"]=$value;
/*session created*/
echo $_SESSION["newsession"];
/*session was getting*/
?>
Updating Session
==========================
<?php
session_start
();
/*session is started if you don't write this line can't use $_Session global variable*/
$_SESSION["newsession"]=$value;
/*it is my new session*/
$_SESSION["newsession"]=$updatedvalue;
/*session updated*/
?>
Deleting Session
==========================
<?php
session_start
();
/*session is started if you don't write this line can't use $_Session global variable*/
$_SESSION["newsession"]=$value;
unset(
$_SESSION["newsession"]);
/*session deleted. if you try using this you've got an error*/
?>
up
4
opajaap at opajaap dot nl
10 years ago
Be carefull with $_SESSION array elements when you have the same name as a normal global.

The following example leads to unpredictable behaviour of the $wppa array elements, some are updated by normal code, some not, it is totally unpredictable what happens.

<?php
global $wppa;
$wppa = array( 'elm1' => 'value1', 'elm2' => 'value2', ....etc...);

if ( !
session_id() ) @ session_start();
if ( ! isset(
$_SESSION['wppa']) $_SESSION['wppa'] = array();

if ( ! isset(
$_SESSION['wppa']['album']) ) $_SESSION['wppa']['album'] = array();
$_SESSION['wppa']['album'][1234] = 1;

$wppa['elm1'] = 'newvalue1';

print_r($_SESSION);
?>
This will most likely display Array ( [wppa] => Array ( [album] => Array ( [1234] => 1 ) [elm1] => 'newvalue1' [elm2] => 'value2' ... etc ...
But setting $wppa['elm1'] to another value or referring to it gives unpredictable results, maybe 'value1', or 'newvalue1'.

The most strange behaviour is that not all elements of $wppa[xx] show up as $_SESSION['wppa'][xx].
up
3
bohwaz
15 years ago
Please note that if you have register_globals to On, global variables associated to $_SESSION variables are references, so this may lead to some weird situations.

<?php

session_start
();

$_SESSION['test'] = 42;
$test = 43;
echo
$_SESSION['test'];

?>

Load the page, OK it displays 42, reload the page... it displays 43.

The solution is to do this after each time you do a session_start() :

<?php

if (ini_get('register_globals'))
{
foreach (
$_SESSION as $key=>$value)
{
if (isset(
$GLOBALS[$key]))
unset(
$GLOBALS[$key]);
}
}

?>
up
-30
jherry at netcourrier dot com
15 years ago
You may have trouble if you use '|' in the key:

$_SESSION["foo|bar"] = "fuzzy";

This does not work for me. I think it's because the serialisation of session object is using this char so the server reset your session when it cannot read it.

To make it work I replaced '|' by '_'.
up
-48
Miller
10 years ago
I wrote a little page for controlling/manipulating the session. Obviously, never use this on a production server, but I use it on my localhost to assist me in checking and changing session values on the fly.

Again, it makes use of eval() and exposes the session, so never use this on a web server.

<?php
error_reporting
(E_ALL);
session_start();
if (isset(
$_POST['session'])) {
$session = eval("return {$_POST['session']};");
if (
is_array($session)) {
$_SESSION = $session;
header("Location: {$_SERVER['PHP_SELF']}?saved");
}
else {
header("Location: {$_SERVER['PHP_SELF']}?error");
}
}

$session = htmlentities(var_export($_SESSION, true));
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>Session Variable Management</title>
<style>
textarea { font: 12px Consolas, Monaco, monospace; padding: 2px; border: 1px solid #444444; width: 99%; }
.saved, .error { border: 1px solid #509151; background: #DDF0DD; padding: 2px; }
.error { border-color: #915050; background: #F0DDDD; }
</style>
</head>
<body>
<h1>Session Variable Management</h1>
<?php if (isset($_GET['saved'])) { ?>
<p class="saved">The session was saved successfully.</p>
<?php } else if (isset($_GET['error'])) { ?>
<p class="error">The session variable did not parse correctly.</p>
<?php } ?>
<form method="post">
<textarea name="session" rows="<?php echo count(preg_split("/\n|\r/", $session)); ?>"><?php echo $session; ?></textarea>
<input type="submit" value="Update Session">
</form>
</body>
</html>
up
-50
Fred
10 years ago
Regarding array keys, from http://php.net/manual/en/language.types.array.php, "Strings containing valid integers will be cast to the integer type".

The manual on $_SESSION says "An associative array". So an associative array is expected literally...? It does no one any good if this bit of important info about accessing and storing session data remains buried in manual comments.

Session variables with a single number will not work, however "1a" will work, as will "a1" and even a just single letter, for example "a" will also work.

(Invalid)
1st page

<?php
session_start
();
$_SESSION["1"] = "LOGGED";
?>

2nd page

<?php
session_start
();
echo
$_SESSION["1"];
?>

---------------------------------------------------------------

(Valid)
1st page

<?php
session_start
();
$_SESSION["a"] = "LOGGED";
?>

2nd page

<?php
session_start
();
echo
$_SESSION["a"];
?>

---------------------------------------------------------------

(Valid)
1st page

<?php
session_start
();
$_SESSION["a1"] = "LOGGED";
?>

2nd page

<?php
session_start
();
echo
$_SESSION["a1"];
?>

---------------------------------------------------------------

Example from PHP.net manual on Session variables

<?php
$_SESSION
[1][1] = 'cake'; // fails

$_SESSION['v1'][2] = 'cake'; // works
?>

Source: http://php.net/manual/en/language.types.array.php
up
-51
charlese at cvs dot com dot au
14 years ago
I was having troubles with session variables working in some environments and being seriously flaky in others. I was using $_SESSION as an array. It works properly when I used $_SESSION as pointers to arrays. As an example the following code works in some environments and not others.

<?php
//Trouble if I treate $form_convert and $_SESSION['form_convert'] as unrelated items
$form_convert=array();
if (isset(
$_SESSION['form_convert'])){
$form_convert=$_SESSION['form_convert'];
}
}
?>
The following works well.
<?php
if (isset($_SESSION['form_convert'])){
$form_convert = $_SESSION['form_convert'];
}else{
$form_convert = array();
$_SESSION['form_convert']=$form_convert;
}
?>
up
-36
ms at meilenstein dot ms
5 years ago
I would be wary to use PHP Sessions for application-critical tasks. So far, I have had very troubling experiences with random loss of session data, as described in these bug reports:

https://bugs.php.net/bug.php?id=19022
https://bugs.php.net/bug.php?id=19029
https://bugs.php.net/bug.php?id=70584
To Top