NYCPHP Meetup

[Dan Cech]

Phillip Powell wrote:
> Dan Cech wrote:
>> 1. You don't need to manually serialize stuff you put into the session 
>> through $_SESSION, php automatically serializes and unserializes the 
>> $_SESSION array for you.
> 
> Ok I'm sorry I have to ask this: Why is it specific to just $_SESSION 
> that it auto-serializes anything you put into it? Phil

To understand this you need to have an understanding of how the session 
mechanism actually works in PHP.

Basically, the $_SESSION variable is just that; a variable, but it is 
special for 2 reasons.

1. It is an autoglobal like $_GET, $_POST, etc.

2. PHP knows that you want anything you put into $_SESSION to be 
accessible throughout the whole session.

After the request has completed and the page has been sent to the user, 
PHP takes the contents of the $_SESSION variable and serializes it. 
This serialized value is then passed to the session handler function for 
storage.

The session handler built into php is 'files', which writes the 
serialized string to a file in the directory defined in the 
session_save_path ini setting.  You can also define your own session 
handlers (See: http://php.net/session_set_save_handler)

When PHP receives another request for the same session, it will retrieve 
and automatically unserialize the session data, placing the unserialized 
array into the $_SESSION variable ready for your script to use.

So, the serializing it automatically done by php behind the scenes, you 
don't have to do any of it.

Dan