How to perform php session unset wisely.

The session unset function works well when you want to end a particular session under certain circumstances. The example below explains how it can be achieved in a better way, along with a conditional statement which returns a specific message, depending on the status of the session.

<form method="POST" enctype="multipart/form-data" action="session_set.php">
<div class="label">Name: <input type="text" size="20" name="name" value="<?php echo $name; ?>">
<input type="submit" value="Hello World" class="submit"/>
</form>

<form method="POST" enctype="multipart/form-data" action="session_set.php">
<div class="label"><input type="hidden" name="reset">
<input type="submit" value="Reset" class="submit"/></div>
</form>
<?php
echo $msg;
?>

As you can see from the above code that we have a basic form with a ‘name’ variable assigned to a text field. When you enter their name into the form and submit it, a session is set for the end user. After that we will need the following code block as well though.

<?php
session_start();
date_default_timezone_set('America/Los_Angeles');
$curtime = date("h:ia");
$name = "";
$timeleft = strtotime($curtime) + 10800;
$left = date("h:ia", $timeleft);
if(isset($_SESSION['name']) && !empty($_SESSION['name'])) {
$name = $_SESSION['name'];
$msg = "<div class="samplesdiv">n
<div class="samples">n
Hello $name. The current time is $curtime. The next podcast will be at $left.n
</div>n
</div>n";
}
else {
$msg = "<div class="samplesdiv">n
<div class="samples">n
Hello there. It would appear you haven't entered in your name yet. Use the form above.n
</div>n
</div>n";
}
?>

This code snippet will be declared at the top of the php file page along with the form which we have created before. We have started the file with’session_start ()’, and then declared a current time definition, which will be displayed to the user when the ‘name’ session is set.

Also included in the session, is a countdown to an upcoming podcast, which is 3 hours ahead of the current time. This isn’t an example you would use in real life, I don’t think, but it gives you an idea of what kinds of messages you can create in the event a session is set or unset.

In order to add 3 hours to the current time, we added 10800 seconds to it after converting it to’strtotime’. This converts the current time into a long number. From there, we then convert the new time back to our original format so it becomes readable to the end user. Although it is a rather strange way of carrying this out, I don’t think there are many ways around it. Not that I am aware of, anyway. I will go into further detail about’strtotime’ and other similar time functions in the near future.

Let’s say I enter the name ‘John’ into the form, then this will be my result at this specific time.

Hello John. The current time is 08:30pm. The next podcast will be at 10:50pm.

Now, of course we will need a file that sets and unsets the sessions. When the end user enters in their name and sets the form, their ‘name’ session is set – as I have discussed up top. The second form, the ‘reset’, unsets the ‘name’ session and starts a new session.

session_start();

if(isset($_POST['name']) && !empty($_POST['name'])) {
$_SESSION['name'] = $_POST['name'];
header("Location: session_unset.php");
}

if(isset($_SESSION['name'])) {
$_SESSION['name'] = $_SESSION['name'];
header("Location: session_unset.php");
}

else {
$_SESSION['name'] = "";
header("Location: session_unset.php");
}

if(isset($_POST['reset'])) {
unset($_SESSION['name']);
header("Location: session_unset.php");
}

The code block which we have just written is quite self-explanatory, making up a bunch of Conditional ‘if’ Statements which check to see if:

1) …the ‘name’ field value has been posted and if so, sets the ‘name’ session.

2) …the session is set at all and if so, ensures the session ‘name’ is declared and carried over.

3) …the ‘reset’ button has been set (clicked) and if it happens, unsets the ‘name’ session.

If my name is currently set in the session, after submitting the ‘reset’ button I get the message below.

Hello there. It would appear you haven’t entered your name yet. Use the form above.

Now, you could include the session setting and unsetting codes on the same page as the form. However, that might be inconvenient for the end user. We have all tried to reload a page which posts a form and end up with that annoying message asking us if we want to resend the information. If you only want a person to enter the information in once, the last thing you want to happen is them re-sending the form.

This can also be done with AJAX, in conjunction with PHP, but for the sake of simplicity, PHP can handle it efficiently. We just have to create two files, instead of one. Personally, I don’t mind doing that, but it’s a matter of perspective.

I hope this article has been helpful to you. Set up a development server on your PC and have a go with PHP sessions. You can do some impressive things with them.