Chapter 21. Using MySQL-Based Web Session Management

Introduction

Many web applications interact with users over a series of requests and, as a result, must retain information from one request to the next. A set of related requests is called a session. Sessions are useful for activities such as performing login operations and associating a logged-in user with subsequent requests, and gathering input from a user in stages (possibly using earlier responses to tailor later questions). However, HTTP is a stateless protocol, so web servers treat each request independently of any other—unless you take steps to ensure otherwise.

This chapter shows how to make information persist across multiple requests, which enables you to develop applications for which one request retains memory of previous ones. The techniques shown here are general enough to apply to a variety of state-maintaining web applications.

Session Management Issues

Some session management methods rely on information stored on the client. One way to implement client-side storage is to use cookies, implemented as information transmitted back and forth in special request and response headers. When a session begins, the application generates and sends the client a cookie containing the initial information to be stored. The client returns the cookie to the server with subsequent requests to identify itself and enable the application to recognize the requests as stages of the same client session. At each stage, the application uses ...

Get MySQL Cookbook, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.