The solution: store session information on the server, and have the client only store an identifier for its information as stored on the server.

• The identifier is known as a session ID. The session ID is stored using a cookie (can be passed as a GET parameter as well)

• The server then uses the session ID to retrieve the information it has stored on the server.

• Session information is typically stored in files on the server, though options exist for using shared memory, and also writing your own handlers (e.g., to use a database for storage)

Using Sessions in PHP

To start a session:
– session_start()

To Creates a session identifier – Session identifier is passed between client and server either as a Cookie, or in GET parameters. Then, can create, access, and modify session variables:

– $_SESSION[session_var_name] = value;
– $_SESSION is only available once you call session_start()
– $local_variable = $_SESSION[session_var_name];
– Can check if session variable is set by using isset();

To end a session:
– session_destroy();

Source: UCSC