Confirming whether session is started or not

PHP
1

I have a PHP file “included.php” which is included in another PHP file.

I like to confirm whether “included.php” read “session_start()” or not read.

The following code doesn’t work correctly but I hope it show what I want.

<?php

declare(strict_types=1);
error_reporting(-1);
ini_set('display_errors', '1');

if ( isset(session_start()) ) {

echo 'Yes session is already started, So, no need to session starting';

} else {
session_start() 
echo "No session is started, therefore, session starting here';
}
2

Hi, the correct way to check for it is

if (isset($_SESSION)) {
...
}
3

Thank you. it is correct code .

4

I tried the script and recieved a different error message:

Fatal error : Cannot use isset() on the result of an expression (you can use “null !== expression” instead) in /var/www/0-tests.php on line 7

The suggestions works as expected although I altered their boolean test because I prefer to test for positives rather than NOT positive - seems I have to flip my mind twice to understand what is happening:

<?php
declare(strict_types=1);
error_reporting(-1);
ini_set('display_errors', '1');

// if ( isset( session_start() ) ) 
if ( NULL === session_start() ) 
{
  // Following line not required - TO CHECK WHEN ON DESKTOP
  //  session_start();
  echo 'No session is started, therefore, session starting here';
} else {
  echo 'Yes session is already started, So, no need to 
  session starting';
}

Although the script works OK I prefer to use @Andres_Vaquero solution which also saves repeating a function call.
Remmed second session_start() because session already started.

5

:wink: I think you guys are making it more difficult than it should be. There are default functions for this.

In PHP 5.4 and lower, you’d just do

if(session_id() == '') {

	// Initiate the session start here

}

And for PHP 5.5 and above, you’d just do

if(session_status() == PHP_SESSION_NONE) {

	// Initiate the session start here

}

And if the session was already started, you really don’t need to say it’s already started. Just don’t create another instance of session_start() and you won’t break your application.

6

Yes , Positives more readible later.

1 Like
7

Standing on the shoulder of giants :slight_smile:

<?php
declare(strict_types=1);
error_reporting(-1); 
ini_set('display_errors', '1'); 

// Both these suppress errors and start the session OK
// NULL !== session_start();
@session_start();

echo '<pre>'; print_r($_SESSION);
1 Like
8 
<?php
declare(strict_types=1);
error_reporting(-1); 
ini_set('display_errors', '1'); 

// Both these suppress errors and start the session OK
// @Andres_Vaquero NULL !== session_start();
@session_start();

echo '<pre>'; print_r($_SESSION);

The code above produces the result below.

9

Is it the same for both PHP 5 and 7?

The script is working and shows that the $_SESSION array is empty. Try adding an array element to $_SESSION`

10

Yes, they are same.

11

I agree and would take it a step further. If you are writing good code logic their is no need to check if the session has been started.

@John_Betong, I have to believe you know better than to use the @ error suppressor. Am I missing something? What gives?

12

I supplied about five alternative methods for session detection and could not resist the good old faithful method :slight_smile:

I had to smile at the first comment :slight_smile:

13

session_start() is a function. What does it mean to say isset(session_start())?

14

By the way, what is the literal meaning of “r” in “print_r”?
What does it symobolize for?
recursive or some other word?

15

Try to start using the free and excellent PHP Manual:

https://www.php.net/manual/en/function.print-r.php

1 Like
16

Ah, it means “readable.”

1 Like
17

Well, there are instances when you may want to make sure a session hasn’t been started already. Say for example you’ve already created a session in your application. You run composer and grab down a library that you really like. This library also has a session_start line in there. Now you’ve broke your code because the 3rd party library wants to create a session as well.

I actually know a few libraries that do this. The only way is to double check if the session is already started. If it isn’t, just allow the library to create the session instead so you don’t get 2 instances of a session_start where it may blow up your application.

18

It is absolutely true. but rarely double checking the session is, I guess, needed.

19

OK, I could see that as possible. What are some of these libraries? I would like to see and know what those cases are about.

The only way is to double check if the session is already started.

Well, it’s not the only way. Turning on error reporting and testing would reveal the problem as well as a good IDE.

20

I wondered if things had changed since I first learnt PHP, so I googled PHP session_start.
From the PHP manual
“(PHP 4, PHP 5, PHP 7)
session_start — Start new or resume existing session
So no need to try and detect an existing session.
And it is more concise.
And it adheres to the KISS principle.