Question:

I'm going to use cookies and sessions to indentify the user. So, sessions will be used only when user chose the 'Don't remeber me' option. I include the identification file in the top of every page of website. User's session looks like $_SESSION['user']

<strong>And than is my question:</strong>

Must I place to the authentication file session_start() instruction? I asked it because new session creates every time I use this instruction.

<strong>Update</strong> <a href="http://pastebin.com/Nh3zj6mR" rel="nofollow">http://pastebin.com/Nh3zj6mR</a> user identification script

Yes, you have to place <strong>session_start()</strong> at top of every <strong>php</strong> page (before any output was generated, no headers must have sent before) to tell php to accept / start session, expect your <strong>php.ini</strong> is setup, that <strong>sessions</strong> start automatic.

<blockquote> <blockquote>

I asked it because new session creates every time I use this instruction.<<

</blockquote> </blockquote>

That is a hint, that your <strong>browser</strong> ignore (disallow) session cookies

Unless you execute session_start(), PHP's session mechanism will <strong>NOT</strong> activate. The $_SESSION will be present, you'll be able to read/modify it, but its values will NOT be persisted - e.g... the contents will be lost when the script exits.

If you are running session_start() in every script that uses session data, but the session data is not showing up, then there's probably a misconfiguration causing the session cookie to be lost, and PHP is creating a new session each time.