For these
reasons, the cookie-based methodology is recommended. However, it is ultimately
up to you to weigh the various factors and decide for yourself.
The Session-Handling Process
Because PHP can be configured to autonomously control the entire session-handling
process with little programmer interaction, you may consider the gory details somewhat
irrelevant. However, there are so many potential variations to the default procedure that
taking a few moments to better understand this process would be well worth your time.
The very first task executed by a session-enabled page is to determine whether a
valid session already exists or a new one should be initiated. If a valid session doesn??™t
exist, one is generated and correlated with that user, using one of the SID propagation
methods described earlier. PHP determines whether a session already exists by
finding the SID either within the requested URL or within a cookie. However, you??™re
also capable of doing so programmatically. For instance, if the session name is sid
and it??™s appended to the URL, you could retrieve the value with the following variable:
$_GET['sid']
If it??™s stored within a cookie, you can retrieve it like this:
$_COOKIE['sid']
448 CHAPTER 18 ?– SESSION HANDLERS
Once retrieved, you can either begin correlating information with that SID or retrieve
previously correlated SID data. For example, suppose that the user is browsing various
news articles on the site.
Pages:
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526