Creating sessions in PHP: All web programming language is stateless – i.e, you cannot save state variables within the programming of the pages. As they work with requests, every time a page is fully loaded, all variables used are “erased” and with it, its further use is not possible.

In some cases, however, it is necessary that certain information navigate between pages. This requirement is vital in certain cases, such as when it needs to retrieve information in the database. A unique registration code may be necessary on several screens and therefore we need to keep this information, so that, when required, it is available – optimizing thus the productivity and time. In order to assist on this point, PHP provides the calls sessions.

Briefly, session is an array of variables that can be stored on the server and retrieved by the application later. Following, it will be shown how to create, change and delete sessions in PHP.


Creating a session in PHP takes place in two steps: First you must call the session_start () method, which creates and instantiates the array $ _SESSION used to store variables. Then we create the position in the array indicating the name and the value to be stored.

$_SESSION[“new”]= 1;


Once the value is stored, any application page can work with the stored value or manipulate the session already created.

$var 1 = $_SESSION[“new”];

$_SESSION[“new”]= 2;

In the above, we have two examples of use mentioned above. To modify the session value, it is not necessary to call any other method of support; just perform the default assignment.


The use of session consumes server processing resources – thus it needs to be used carefully. Once a routine is finished and there is no more need for session usage, it must be finalized, as the following example:



Below are listed some tips that help in optimizing a session:

  • • Avoid using many sessions in the application;
  • • In case of simple traffic information, evaluate other possibilities such as using Storage or Querystrings;
  • • At the end of the process, always delete the session;
  • • Each system user opens a new session instance. Therefore, in the logout routine of users, you need to validate the sessions used and delete them.

Check out more content on our blog!
Learn all about Scriptcase.

By ,

July 21, 2015


You might also like…

Business Process Automation with Scriptcase

In the modern business world, operational efficiency is not just a goal. It's a necessity. With inc...

“We developed RISK4ALL, a SaaS platform that allows implementing GRC in an organization with total security and privacy.” (RISK4ALL)

Come and discover the success case of the Risk4all, software, a multilingual and multi-company SaaS...

Security in web applications

In this article, you will learn about web application security and the options within Scriptcase th...

You might also like…

Get new posts, resources, offers and more each week.

We will use the information you provide to update you about our Newsletter and Special Offers. You can unsubscribe any time you want by clinck in a link in the footer of any email you receive from us, or by contacting us at Learn more about our Privacy Police.