Because your program can’t tell what variables were set in other programs—or even what values the program itself set the previous time it ran—you’ll sometimes want to track what your users are doing from one web page to another. You can do this by setting hidden fields in a form, as seen in Chapter 10, and checking the value of the fields after the form is submitted. However, PHP provides a much more powerful and simpler solution, in the form of sessions. These are groups of variables that are stored on the server but relate only to the current user. To ensure that the right variables are applied to the right users, a cookie is saved in the users’ web browsers to uniquely identify them.
This cookie has meaning only to the web server and cannot be used to
ascertain any information about a user. You might ask about those users
who have their cookies turned off. Well, that’s not a problem since PHP
4.2.0, because it will identify when this is the case and place a cookie
token in the
GET portion of each URL
request instead. Either way, sessions provide a solid way of keeping track
of your users.
Starting a session requires calling the PHP function
session_start before any HTML has been output,
similarly to how cookies are sent during header exchanges. Then, to
begin saving session variables, you just assign them as part of the
$_SESSION array, like this:
$_SESSION['variable'] = $value;
They can then be read back just as easily in later program runs, like ...