How server stores session variables created using PHP?

Question

I want to know how server stores(not location but procedure/methodology) and manages session variables.Please correct if I am wrong.

I visualise it as:-

Suppose if i create three session variables

$_SESSION['id']=12;
$_SESSION['flag']=t;
$_SESSION['name']=alex;

then the server creates a table (or a file whatever)

-----------------------------------------------
session_id |  id   |   flag  |  name
-----------------------------------------------
a45sdg665  |  12   |   t     |   alex
           |       |         |   
           |       |         |

the session_id is created by server which is unique for each user.The server then sends the session_id to the client browser as a cookie .When the user sends another request during his session then that session_id is also sent by the browser along with the request. The server then refers the table and can identify the user. We ,as a programmer, can use id(stored by us) to fetch different information from the database. (If I am wrong ,please explain the procedure briefly).

Answer 1

Sessions may but don't have to use database backend. The rest of your statements are generally fine (cookies, session_id).

Default session storage in PHP is a file in /tmp folder - path can be checked by printing session.save_path.

To summarize, sessions can utilize:

1. File(s) on hard disk
2. File(s) in memory e.g. in /dev/shm and its subfolders (/tmp can also reside in RAM)
3. Database - session tables may reside on disk or in memory
4. Specialized memory backends

Response to your comment: You understand the process of sharing session data between browser and web server. But session storage used is important for you if you want to access session data manually (outside of PHP script).

If you store user_id in $_SESSION variable, then yes - you can use it to query database for user related information using it from within your PHP script in any subsequent request.

Answer 2

The session data is serialized to a text string and stored in a file per session, typically named "sess_SESSIONIDHERE", perhaps in /var/lib/php5 (default on Debian at least). Take a look at the php ini setting "session.save_path" to discover where your session files are stored.

http://www.php.net/manual/en/session.configuration.php#ini.session.save-path

Answer 3

By default sessions data are stored in a file saved in session.save_path (sessions configuration)

Answer 4

Check this out. It's just stored as a file normally on your /tmp directory of the server.

Where are $_SESSION variables stored?

Answer 5

The location of the $_SESSION variable storage is determined by PHP's session.save_path configuration. Usually this is /tmp on a Linux/Unix system. Use the phpinfo() function to view your particular settings if not 100% sure by creating a file with this content in the DocumentRoot of your domain.

For more Please refer :

this link