Session handling in php

PHP is one of the most popular and widely used Server side scripting language. Session handling is one of the key thing which most of web applications and projects need.

Suppose you are building one E-commerce site, to allow any one to buy the product you must ask them to log-in with their user name and until they log out your system must track the user in every step, this concept is called as “session tracking”.

Now why do we need to track the session, answer is very simple. HTTP is state less protocol, and when you refresh the page, it lost everything, which your project should not !

To handle session in PHP, only thing we gonna need is $_SESSION global variable. That’s it. Oh yes with couple of in built function too.

You can get lot’s of Syntax based tutorial on web, so i am not gonna do that, instead i will be explaining it with the live demo, so that you can easily understand the working and concept of session tracking in PHP.

Have you ever tried to access your Facebook profile without Log in, Try once and it will redirect you to log in page. How it is done, well it is session handling only. I am going to built one simple Log in and profile system in that we have two files called login.php and profile.php. 
Screenshot from 2014-08-13 12:45:38

To access profile.php, user must log in first and log-in name  will be used until log out or browser close (session terminate when browser closed).

Before showing you code, let me tell you some in built PHP functions which comes handy in session tracking.

  • session_start()
  • isset()
  • unset()

To handle session, you must first start it and store some value to any session variable. You can create any amount of session variable you wish. To validate whether Session is active or not, we use isset() function and finally to destroy it we use unset() function.

Here is our login.php:

        //Storing the name of user in SESSION variable.
        header("location: profile.php");

               Session Handling in PHP - CodeforGeek Demo's




After submitting the form, we are storing the name of user in session and in next page we are going to use the same name. This is how most of web projects do. Now here is a code for profile.php.

                header("location: index.php");
<title>Profile of echo $name;?>title>
<h1>Hello echo $name;?>h1>
<h3><a href="logout.php">Click here to log outa>h3>

In this file, first we are checking whether the SESSION is set or not. If not then we will redirect the user to main page, else we will store the name of user into variable and displaying it in HTML code.

Finally we let user log out from system and to do here is a code.

                echo '

You have been successfully logout


You can view the live demo of this simple session handling in PHP or download code from Github.

Whats next ?

You can use Cookies to store session value and resume it when user log-in again. For example “keep me logged in” feature of Facebook.

11 thoughts on “Session handling in php”

  1. Dear Developer,
    This is best Demo to learn Session concept on PHP. But the main problem in this is… if we enter the url Directly in Address bar it shows last created Session Name automatically even we navigate to logout page. Please assist that issue in ur Demo pages.

    Sorry for any wrong english.


    1. In the logout.php, there is no session is started. It is must, in every file to start a session. So put a function in Logout.php: session_start();
      and the problem will be solved.

  2. Hey, I have the same problem as Narayana. Could u pl. let us know the solution for this . It is a headache to me try to solve that but cant.

  3. denice kirwani from tanzania

    i ve to appreciate the way you presented the sessio concept , good work

  4. If I am correct you will also want to do $_SESSION = array(); and also session_destroy(); to remove the entire current session of the logged in user. However nice simple code.

  5. What if we want to authenticate a user i.e. check for valid username and password.
    login.php always start the session for any username and password. How do we authenticate that

    1. u can create a registration.php to create new users n store them to u can use login.php to verify it.

  6. What about if we are saving session into a subdirectory from login_validation.php. How can we read the value of the session by a header.php in include directory?

  7. dear developer
    my question is
    session started
    when i close the browser or tab then only session will destroy
    otherwise not

Comments are closed.