Explore how PHP manages sessions, utilizes cookies, and handles user state with this quiz designed for beginners. Understand key concepts and practical usage of PHP's session and cookie features to maintain data across web pages.
Which PHP function is used to start a new session or resume an existing one on a web page?
Explanation: session_start() is the correct function to initiate or resume a session in PHP, making session variables accessible. The others, such as begin_session(), startsession(), and init_session(), are not valid PHP functions and will result in errors if used. Only session_start() must be called to manage PHP sessions.
Which function will you use to create and store a cookie in the user's browser in PHP?
Explanation: setcookie() is the built-in function in PHP for setting cookies and sending them to the user's browser. The options add_cookie(), cookie_set(), and cookieStart() are not defined in PHP and would cause a function error if used. Only setcookie() correctly handles cookie creation.
How do you set a session variable named 'user' to the value 'John' in PHP after starting the session?
Explanation: The correct syntax to assign a session variable is $_SESSION['user'] = 'John'; after the session is started. Options like $SESSION['user'] mistype the global variable, $_COOKIE is used for cookies and not sessions, and '==' is a comparison operator rather than an assignment operator.
Where does PHP typically store session data by default on the server?
Explanation: By default, PHP stores session data as files in a server-side directory defined by the configuration. Local storage is client-side and not managed by PHP. Cookies store only the session ID, not the session data itself. While databases can store sessions, this is not the default behavior.
Which parameter of the setcookie() function specifies the expiry time of a cookie?
Explanation: The third parameter in setcookie() sets the expiration time in Unix timestamp format. The first parameter is the cookie name, the second is its value, and the fourth is the path. Only the third parameter determines when the cookie will expire in the client browser.
Why is it important to regenerate the session ID using session_regenerate_id() after user login?
Explanation: Regenerating the session ID after login helps prevent session fixation attacks by providing a new, unique session ID. This practice does not initialize cookies or log out users, and it is unrelated to browser compatibility. Only the first option addresses a security concern.
Which PHP function deletes all data registered to a session but does not destroy the session itself?
Explanation: session_unset() removes all session variables while keeping the session active. session_destroy() both destroys the session and clears the data, which is not required here. unset_session() and session_delete() are not built-in PHP functions and will not work.
Which superglobal array allows you to access cookie values sent from the user's browser in PHP?
Explanation: $_COOKIE is the correct superglobal array for accessing cookies in PHP. $_SESSION is for session data, $_POST is for POST request data, and $_COOKIES is incorrect because there is no PHP superglobal by that name.
When using default PHP settings, where is the session ID stored so the server can recognize the client?
Explanation: By default, the session ID is stored in a cookie on the user's browser, allowing the server to track the session. MySQL databases may be used for session storage, but not for the ID itself. Browser cache and XML files are not involved in storing session identifiers in standard PHP setups.
Which method allows temporary storage of user data that is available across multiple web pages during one browser session in PHP?
Explanation: Sessions allow temporary user data to persist across different pages and are cleared when the browser is closed or the session expires. GET requests and HTML forms transfer data only when a page is submitted, and database tables are for permanent, not temporary, storage solutions.