Cookies, Sessions and Buffer in PHP

Cookies and session management are critical components of PHP's output buffering. We shall go into depth regarding both of these subjects.

Cookies are super global variables which can be stored at client machine.
$_COOKIE:-  It is a predefined super global variable which can be used for reading cookie data.
setcookie(,):-   It is a predefined function for creating, updating or deleting the
cookie variable at server machine.cookie values are stored at the browser of client’s machine
cookiews are not safe for storing the information.

Every webbrowser is limited to a certain no. of cookies to be stored at the client’s machine(~20).
Cookies information will be exchanged between the client and server every request and response
through headers.
If Cookie is once created can be accessed from the next request from the server to the client but
not in the same page.
lifetime:- timestamp upto which cookie must be active.
path:-Default path is current working directory
/–>points to root directory
/abc—>cookie is shared with all files in abc folder
secure_protocol:-If it is true then it will be exchanged with https protocol otherwise with http
Cookie can be created in two ways.
1. By creating cookie with empty value.
2. By creating the cookie in the past

Ex: -create.php


setcookie will sends a header to the server(No output is sent before using.

If output is started before it use output buffering

Checkout PHP Interview Questions

It is used for maintaining the state of the user between his login and logout.
$_SESSION is a predefined super global used for managing session data.
session information is stored at the server machine and is accessable with the pages
where session is started.

MindMajix Youtube Channel


session.auto_start(OFF):-Controls whether the session must be automatically started or not The default name at which session id is stored at a client machine
as cookie variable

session.use_cookie(ON*/OFF):-Using the cookies for storing the session id value.

session.use_only_cookies:-Using cookies only for storing the session id.

session.use_trans_sid(0/1_:-Using a transferable session id through URL.

session.gc_maxlifetime(1440(24minutes)):-The maximum time for which the session data can be

maintaines when the user is idle before sending to gc(garbage collector).

Related Page: Headers, Downloading And File Uploading In PHP


session_start():- starts a new session for the user, if session already axists uses the already

existing session.

session_name[]:-Gets or sets the name of the session

session_id():- It returns the session id created for the user. A session id is a unique 32 character length alphanumeric value.

session_regenerate_id:- changes the session id to new one for the user.

session_unset:-Erases the session data for the user.

session_destroy:-session will be destroyed.

Ex: -session.php


Understanding Configuration settings in PHP:

1) POST_MAX_SIZE: – max size of post data that a php will accept

2) magic_quotes_gpe: (default value is ON)

escaping of ” Quotations with a backslash for the data which is sent through GET,POST,COOKIE & ENV variables

3) Register_globals: – possible values are (ON or OFF)

default is OFF..

Registering of super global variable as regular variables in this page is controlled with this settings

4) variables_order: – “GPCS”;

The order with which superglobal variable are loaded with the current working page

5) Register_long_arrays: –  ON or OFF

The availability of superglobals array with logn array names used in the older version of PHP is controlled with this settings

6) file_uploads: ( ON) whether to allow HTTP Files to upload or not;

Related Page: Data Types In PHP

Buffering of the output before sending with browser can be handled by using output buffering.


output_buffering = 4096

Buffers the output upto 4KB and releases the output


ob_start():– Starts buffering the output if buffering is inactive.

ob_get_length:- It returns the size of buffer content in the page

ob_flush():- It sends the buffer content to the browser.

ob_get_flush():- It returns the buffer content as a string and sends the buffer to the browser.

ob_clean():- It clears the buffer and stops the buffering.

ob_get_clean:- It cleans the buffer content and returns it as a string.

Note:- output buffering is used when we are working with sessions using headers with in the page.

Ex: -buffer.php

About Author

Ravindra Savaram is a Technical Lead at His passion lies in writing articles on the most popular IT platforms including Machine learning, DevOps, Data Science, Artificial Intelligence, RPA, Deep Learning, and so on. You can stay up to date on all these technologies by following him on LinkedIn and Twitter.

read less