(PHP 4, PHP 5, PHP 7, PHP 8)
session_start — Start new or resume existing session
session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.
When session_start() is called or when a session auto starts, PHP will call the open and read session save handlers. These will either be a built-in save handler provided by default or by PHP extensions (such as SQLite or Memcached); or can be custom handler as defined by session_set_save_handler(). The read callback will retrieve any existing session data (stored in a special serialized format) and will be unserialized and used to automatically populate the $_SESSION superglobal when the read callback returns the saved session data back to PHP session handling.
To use a named session, call session_name() before calling session_start().
When session.use_trans_sid is enabled, the session_start() function will register an internal output handler for URL rewriting.
If a user uses ob_gzhandler
or similar with
ob_start(), the function order is important for
proper output. For example,
ob_gzhandler
must be registered before starting the session.
options
If provided, this is an associative array of options that will override
the currently set
session configuration directives.
The keys should not include the session.
prefix.
In addition to the normal set of configuration directives, a
read_and_close
option may also be provided. If set to
true
, this will result in the session being closed immediately after
being read, thereby avoiding unnecessary locking if the session data
won't be changed.
Version | Description |
---|---|
7.1.0 |
session_start() now returns false and no longer
initializes $_SESSION when it failed to start the
session.
|
Example #1 page1.php
<?php
// page1.php
session_start();
echo 'Welcome to page #1';
$_SESSION['favcolor'] = 'green';
$_SESSION['animal'] = 'cat';
$_SESSION['time'] = time();
// Works if session cookie was accepted
echo '<br /><a href="page2.php">page 2</a>';
// Or maybe pass along the session id, if needed
echo '<br /><a href="page2.php?' . SID . '">page 2</a>';
?>
After viewing page1.php, the second page
page2.php will magically contain the session
data. Read the session reference
for information on propagating
session ids as it, for example, explains what the constant
SID
is all about.
Example #2 page2.php
<?php
// page2.php
session_start();
echo 'Welcome to page #2<br />';
echo $_SESSION['favcolor']; // green
echo $_SESSION['animal']; // cat
echo date('Y m d H:i:s', $_SESSION['time']);
// You may want to use SID here, like we did in page1.php
echo '<br /><a href="page1.php">page 1</a>';
?>
Example #3 Overriding the cookie lifetime
<?php
// This sends a persistent cookie that lasts a day.
session_start([
'cookie_lifetime' => 86400,
]);
?>
Example #4 Reading the session and closing it
<?php
// If we know we don't need to change anything in the
// session, we can just read and close rightaway to avoid
// locking the session file and blocking other pages
session_start([
'cookie_lifetime' => 86400,
'read_and_close' => true,
]);
Note:
To use cookie-based sessions, session_start() must be called before outputting anything to the browser.
Note:
Use of zlib.output_compression is recommended instead of ob_gzhandler()
Note:
This function sends out several HTTP headers depending on the configuration. See session_cache_limiter() to customize these headers.