Maintaining sessions

[TheDust]

I've searched the forums for info on this, but haven't found anything...

If a website is a mixture of PHP and .htm pages, will the PHP session ID that gets assigned to the user be maintained throughout their visit on the site? Or does the session ID only remain the same as long as each page the user visits has session_start() in the header? Can anyone help clarify this point?

 

[DRJ478]

Sessions are only of interest for PHP, pure HTML pages need no knowledge of session data, as they are static.
If you use cookie based sessions there is no problem since the cookie will persist till its expiration time.
Transparent SID (using the URL) sessions will not work as the SID gets lost once the first static page is accessed.
Therefore, my recommendation is to go with cookie based sessions.

 

[sleipnir214]

When your script first invokes session_start(), a number of things happen. Among them, if a session cookie was not sent by the browser, PHP sets one. (See faq434-4908 for some of the other things that happen.)

By default, PHP's session cookie will last until the browser is shut down. Your browser will send that cookie on every connection to your server, whether the browser is trying to get the content of a static HTML page or a dynamic PHP page.

So long as the user does not shut down his browser, your application flow can span PHP and HTML pages.

But this is something easy to test. All it takes is two simple PHP scripts and one HTML page:

page1.php:

<?php
session_start();
$_SESSION['foo'] = 'bar';

print '
<html>
	<body>
		<a href="page2.html">click here to go to page2.html</a>
	</body>
</html>';
?>

page2.html:

<html>
	<body>
		<a href="page3.php">click here to go to page3.php</a>
	</body>
</html>

page3.php:

<?php
session_start();

print '<html><body><pre>';

print_r ($_SESSION);

print '</pre></body></html>';

?>

Want the best answers? Ask the best questions!

TANSTAAFL!!