Sessions are an interesting mechanism in PHP, allowing us to maintain state in what is overall a stateless communication. We might visualize them as a per-user serialized array of information saved to a file. We use them to store user-specific information across various pages. By default, sessions rely on cookies, although, they can be configured to use the SID parameter in a browser.

The cookie version of the PHP session works roughly as follows:

1. Read the session token from the cookie.
2. Create or open an existing file on disk.
3. Lock the file for writing.
4. Read the content of the file.
5. Put the file data into the global $_SESSION variable.
6. Set caching headers.
7. Return the cookie to the client.
8. On each page request, repeat steps ...