I am using xampp
in xampp->tmp->sess_jp7bfpqaritm9ta8h3b5n40df1

In this file some session data,html and mysql query are written.

Can any one please explain me the description of this types of file.

any encrypted data format is used to store session.

6 Years
Discussion Span
Last Post by Aamit

These are the PHP session files in serialized (encoded) form. Note that is it not encrypted, it is just encoded. The strings represent objects in PHP, and PHP knows how to turn it back into actual Objects.

The value of this file is available for the specific user through the $_SESSION global array. More of this is in the PHP sessions manual: http://www.php.net/manual/en/book.session.php

The session data is serialized in a format different from the serialize() function. It uses the format in session_encode().
see: http://www.php.net/manual/en/function.session-encode.php

The opposite function session_encode() takes a string encoded with session_encode() and populates the $_SESSION with its unserialized values.
see: http://www.php.net/manual/en/function.session-decode.php


Here is an example of decoding all the session files (limited to 10 here). Comments explain what each block does.



// what is handling the sessions
$session_type = ini_get('session.save_handler');

// with files, session data files will be in session.save_path directory
if ($session_type == 'files') 
  // directory where session files are in
  $session_path = ini_get('session.save_path');
  // get the files in session directory
  $files = glob($session_path . '/sess_*');
   * Iterate over each file and decode sessions
  $i = 0;
  foreach ($files as $file) 
    echo 'Decoding session data in ' . $file . '<br />';
    // file contains session data, get it
    $encoded_session = file_get_contents($file);

    // unset the current session
    $_SESSION = array();
    // decode the file data into $_SESSION
    // lets look at the data
    echo '<pre>' . print_r($_SESSION, 1) . '</pre>';
    // limit to 10 files
    if ($i == 10) break;
// for other session handlers we have to look elsewhere (such as db etc.)


Edited by digital-ether: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.