Difference between session_register and $_SESSION[] in phpsession_register and $_SESSION[] in php




We can use either session_register or $_SESSION for registering session variable in php.

Find below the difference between both of them. 


session_register() is a function and $_SESSION is a superglobal array.

session_register() is used to register a session variable and it works only when register_globals is turned on. (Turning ON register_globals will create mesh-ups, but some applications (e.g OScommerce) requires turning ON of register_globals)
But $_SESSION works even when register_globals is turned off.

If session_start() was not called before session_register() is called, an implicit call to session_start() with no parameters will be made. But $_SESSION requires session_start() before use.

session_register function returns boolean value and $_SESSION returns string value

session_register() function has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0.


We know that Webpages are getting displayed using stateless Protocol.
So there should be someway for keeping the session of the user navigating the webpages within a website.

Session variables and Cookie variables can be used for this purpose.
Basically Session variables are maintained by webserver. (i-e)Physically the value of any Session variable will be written to a file located in the web server.

In php, we can set/use the session variable using $_SESSION. Say for example, if we need to put the user email (e.g $email) in session, we can use it as $_SESSION['email'] whose value should be set as $_SESSION['email']=$email.

Whenever assigning this session variable, a file will be written to the web server at location specified by session_path variable in php.ini file.

Suppose 1000 users are using your website, there will be 1000 files created for storing one session variable.

So it will become a big memory issue if you are not managing the session properly. (i-e) we should unset the session variables during logout. Appropriate session timeout value should be specified to enable automatic expiration of the session if the user forgets to logout. And also we need to take additional care to manage session if security is more important for your website.

Or alternatively we can use cookie variables which are stored by the web browser in the users machine. As the cookie variables are stored in the client machine, it can be available till it gets deleted either by browser setting, or by the code or by the user manually.

Since cookie variables can live even after closing the browser session, it can be very useful for improving user experience. (i-e) Lot of data related to user preferences can be stored in the cookie. So whenever the same user logs in, his previous settings can be applied automatically by using these cookie values. For example if the user allows the website to store his password in cookie variable, he can log in to the website without typing his password again.

In php, cookie variables can be set using setcookies function. 
But anyway, privacy is important for you, you can restrict the cookies by changing the browser settings.
More Articles...

Comments

Popular posts from this blog

php format date string short month

Android Interview Questions and Answers

Soap and Rest Example