Menu
When you start a session, the web server generates a session identifier that uniquely identifies the visitor. By default, session data is stored in the server's /tmp directory in files that are named sess_ followed by a unique alphanumeric string (the session identifier).
PHP Default Session Storage (File System): In PHP, by default session data is stored in files on the server. Each file is named after a cookie that is stored on the client computer. This session cookie (PHPSESSID) presumably survives on the client side until all windows of the browser are closed.
PHP's default mechanism is started using the session_start() function. You can make a short PHP file that uses the phpinfo() function to show where the session data is stored by default.
$_SESSION[] - - PHP superglobal array variable that contains currently registered to a script's session. session_start() - - initializes session data. This function is called prior to creating a new session variable using $_SESSION[]. session_destroy() - destroys all data registered to a script's current session.
The location of the $_SESSION variable storage is determined by PHP's session.save_path configuration. Usually this is /tmp on a Linux/Unix system. Use the phpinfo() function to view your particular settings if not 100% sure by creating a file with this content in the DocumentRoot of your domain:
<?php
phpinfo();
?>
Here is the link to the PHP documentation on this configuration setting:
http://php.net/manual/en/session.configuration.php#ini.session.save-path
As mentioned already, the contents are stored at the server. However the session is identified by a session-id, which is stored at the client and send with each request. Usually the session-id is stored in a cookie, but it can also be appended to urls. (That's the PHPSESSID query-parameter you some times see)
They're generally stored on the server. Where they're stored is up to you as the developer. You can use the session.save_handler configuration variable and the session_set_save_handler to control how sessions get saved on the server. The default save method is to save sessions to files. Where they get saved is controlled by the session.save_path variable.
One addition: It should be noted that, in case "/tmp" is the directory where the session data is stored (which seems to be the default value), the sessions will not persist after reboot of that web server, as "/tmp" is often purged during reboot. The concept of a client-wise persistence stands and falls with the persistence of the storage on the server - which might fail if the "/tmp" directory is used for session data.
On Debian (isn't this the case for most Linux distros?), it's saved in /var/lib/php5/. As mentioned above, it's configured in your php.ini.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With