Note session_status() is for file based session only.
DB based session status needs to have custom function based on table structure.
(PHP 5 >= 5.4.0, PHP 7, PHP 8)
session_status — 返回当前会话状态
session_status() 被用于返回当前会话状态。
PHP_SESSION_DISABLED
会话是被禁用的。
PHP_SESSION_NONE
会话是启用的,但不存在当前会话。
PHP_SESSION_ACTIVE
会话是启用的,而且存在当前会话。
Note session_status() is for file based session only.
DB based session status needs to have custom function based on table structure.
Use always session_status(), to check if a session is already started and active.
if(session_status() !== PHP_SESSION_ACTIVE) session_start();
or
if(session_status() === PHP_SESSION_NONE) session_start();
Don't use
if(!isset($_SESSION)) session_start();
or
if(session_id() === "") session_start();
They will not work properly after a call to session_write_close().
Both functions will continue to report, that the session exists.
And this is right, you can read from $_SESSION, but if you want to write,
you need session_start() again.
As a shorthand you can use
@session_start()
with the @ at the beginning to suppress the
PHP notice "A session had already been started - ignoring session_start()"
As stated in the manual for session_start(), a second call will do no harm,
it will be simply ignored. But you need the @, if you don't want to get the notice.
Here some Good example for your understandingl
<?php
if( session_status == PHP_SESSION_NONE ) // if session status is none then start the session
{
session_start();
}
?>
old Practice we were using.
<?php
if( !( isset($_SESSION) ) ) // if the session is no set then start to
new session
{
session_start();
}
?>
This is how the session_status() works:
<?php
function session_status(){
if(!extension_loaded('session')){
return 0;
}elseif(!file_exists(session_save_path().'/sess_'.session_id()){
return 1;
}else{
return 2;
}
}
?>
Just another function to determine whether the session has already started:
function is_session_started () {
return function_exists ( 'session_status' ) ? ( PHP_SESSION_ACTIVE == session_status () ) : ( ! empty ( session_id () ) );
}
Maybe depending on PHP settings, but if return values are not the above, then go for this:
_DISABLED = 0
_NONE = 1
_ACTIVE = 2
If you started and closed a session then test ( session_id() === '' ) to check if a session is active it won't work, session_id() returns an ID even if the session is closed.
Anybody knows another way before PHP 5.4 to check if a session is really not currently active ?
Universal function for checking session status.
<?php
/**
* @return bool
*/
function is_session_started()
{
if ( php_sapi_name() !== 'cli' ) {
if ( version_compare(phpversion(), '5.4.0', '>=') ) {
return session_status() === PHP_SESSION_ACTIVE ? TRUE : FALSE;
} else {
return session_id() === '' ? FALSE : TRUE;
}
}
return FALSE;
}
// Example
if ( is_session_started() === FALSE ) session_start();
?>
The purpose of this functionality can aid you specifically in cases where code -- prior to your current code -- might have opened a session and then closed it.
Specifically, depending on $_SESSION, session_id(), and the SID constant to determine if a session is active will FAIL if a session has previously been opened & closed within the same request cycle.
Please see the original bug report here:
https://bugs.php.net/bug.php?id=52982
The advice of ive_insomnia at live dot com should be taken with great care.
First of all, while his use case for session_status is valid, a simpler way to avoid the warning is:
<?php
if (!isset($_SESSION)) { session_start(); }
?>
The example of session_status uses the raw values of constants (2 in this case) created specifically for the purpose of not having to use magic numbers.
Better code would be:
<?php
if (session_status() !== PHP_SESSION_ACTIVE) {session_start();}
?>
The same can be done using
<?
if (session_id() === "") { session_start(); }
?>
The use of this function is lies more towards status management: change the behavior of a script when sessions are disabled altogether, for example.