UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)

Slides:



Advertisements
Similar presentations
LIS651 lecture 3 functions & sessions Thomas Krichel
Advertisements

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK) Lecture 3 PHP (2) : Functions, User Defined Functions & Environment Variables.
CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
PHP and the Web: Session : 4. Predefined variables PHP provides a large number of predefined global variables to any script which it runs also called.
SWU, Computer systems and technologies. The Objective of This Lecture To give you a very high-level overview of some of the tools for Web Programming.
©2009 Justin C. Klein Keane PHP Code Auditing Session 7 Sessions and Cookies Justin C. Klein Keane
Chapter 10 Managing State Information PHP Programming with MySQL.
Using Session Control in PHP tMyn1 Using Session Control in PHP HTTP is a stateless protocol, which means that the protocol has no built-in way of maintaining.
CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie("name", "value", expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.
Chapter 10 Maintaining State Information Using Cookies.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
Cookies Set a cookie – setcookie() Extract data from a cookie - $_COOKIE Augment user authentication script with a cookie.
CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.
CSC 2720 Building Web Applications Cookies, URL-Rewriting, Hidden Fields and Session Management.
PHP Tutorial - Anas Jaghoub Chapter 2 Control Structures.
CSE 154 LECTURE 12: COOKIES. Including files: include include("filename"); PHP include("header.html"); include("shared-code.php"); PHP inserts the entire.
Web Programming Language Week 7 Dr. Ken Cosh Security, Sessions & Cookies.
Chapter 8 Cookies And Security JavaScript, Third Edition.
12/3/2012ISC329 Isabelle Bichindaritz1 PHP and MySQL Advanced Features.
School of Computing and Information Systems CS 371 Web Application Programming PHP – Forms, Cookies, Sessions and Database.
Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.
PHP1-1 PHP Lecture 2 Xingquan (Hill) Zhu
Lecture 8 – Cookies & Sessions SFDV3011 – Advanced Web Development 1.
1 Maryland ColdFusion User Group Session Management December 2001 Michael Schuler
Chapter 6 Server-side Programming: Java Servlets
1 Chapter 9 – Cookies, Sessions, FTP, and More spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.
Cookies & Session Web Technology
11 1 Cookies CGI/Perl Programming By Diane Zak Objectives In this chapter, you will: Learn the difference between temporary and persistent cookies.
PHP Workshop ‹#› Maintaining State in PHP Part II - Sessions.
SessionsPHPApril 2010 : [‹#›] Maintaining State in PHP Part II - Sessions.
COOKIES and SESSIONS. COOKIES A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each.
Sessions in PHP – Page 1 of 13CSCI 2910 – Client/Server-Side Programming CSCI 2910 Client/Server-Side Programming Topic: Sessions in PHP Reading: Williams.
Web Database Programming Week 7 Session Management & Authentication.
Cookies and Sessions IDIA 618 Fall 2014 Bridget M. Blodgett.
Lecture 7 Maintaining State (cookies & sessions) & MySQL Interaction (revisited)
PHP Cookies. Cookies are small files that are stored in the visitor's browser. Cookies can be used to identify return visitors, keep a user logged into.
ASP. What is ASP? ASP stands for Active Server Pages ASP is a Microsoft Technology ASP is a program that runs inside IIS IIS stands for Internet Information.
ECMM6018 Enterprise Networking for Electronic Commerce Tutorial 7
Copyright ©2005  Department of Computer & Information Science Working with Cookies.
Sessions Brendan Knight A visitor accessing your web site is assigned a unique id. This id links to specific data that remains on the server. Sessions.
SESSIONS 27/2/12 Lecture 8. ? Operator Similar to the if statement but returns a value derived from one of two expressions by a colon. Syntax: (expression)
PHP and Sessions. Session – a general definition The GENERAL definition of a session in the “COMPUTER WORLD” is: The interactions (requests and responses)
 A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests.
ITM © Port,Kazman 1 ITM 352 Cookies. ITM © Port,Kazman 2 Problem… r How do you identify a particular user when they visit your site (or any.
1 PHP HTTP After this lecture, you should be able to know: How to create and process web forms with HTML and PHP. How to create and process web forms with.
Web Page Designing With Dreamweaver MX\Session 1\1 of 9 Session 3 PHP Advanced.
Cookies and Sessions in PHP. Arguments for the setcookie() Function There are several arguments you can use i.e. setcookie(‘name’, ‘value’, expiration,
Unit-6 Handling Sessions and Cookies. Concept of Session Session values are store in server side not in user’s machine. A session is available as long.
Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.
PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies.
Distributed Web Systems Cookies and Session Tracking Lecturer Department University.
Web Programming with PHP (3) Superglobals, Form & File processing.
Fundamentals of Web DevelopmentRandy Connolly and Ricardo HoarFundamentals of Web DevelopmentRandy Connolly and Ricardo Hoar Fundamentals of Web DevelopmentRandy.
Programming for the Web Cookies & Sessions Dónal Mulligan BSc MA
© Copyright 2012 Hidaya Trust (Pakistan) ● A Non-Profit Organization ● / www,histpk.org Hidaya Institute of Science & Technology
The need for persistence Consider these examples  Counting the number of “hits” on a website  i.e. how many times does a client load your web page source.
Managing State Chapter 13.
CSE 154 Lecture 20: Cookies.
19.10 Using Cookies A cookie is a piece of information that’s stored by a server in a text file on a client’s computer to maintain information about.
Maintaining State in PHP Part II - Sessions
Web Programming Language
Cookies and Sessions in PHP
Open Source Programming
<?php require("header.htm"); ?>
Maintaining State in PHP Part II - Sessions
Web Programming Language
Cookies and Sessions.
Web Programming Language
Presentation transcript:

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK) Lecture 4 PHP (3) : Maintaining State – Cookies & Sessions

last lecture … Inbuilt functions Common inbuilt function examples User defined functions - declaration - return statement - values & references - scope (local & global) - arguments - default values Environment Variables & Superglobals $_GET & $_POST

Stateful v. Stateless "State" is a central concern of all sorts of distributed applications, but especially of Web applications. When applied to a protocol, "state" treats each series of interactions as having continuity, much like a single program's state. A "stateless" protocol is one in which there is no such continuity; each request must be processed entirely on its own merits. HTTP and its derivatives are intrinsically "stateless". The request/response cycle of a HTTP interaction does not maintain "memory" of any previous interactions.

Stateful v. Stateless (2) Stateful Interaction: Request 1: “What is Alice’s account number?” Response 1: 145678093 Request 2: “What is her current balance?” Response 2: £345.65 Stateless Interaction: Request 1: “What is Alice’s account number?” Response 1: 145678093 Request 2: “What is Alice’s current balance?” Response 2: £345.65

$_SERVER['HTTP_REFERER'] Is PHP stateless? (well … yes) On a webserver, PHP scripts have no shared state, so each instance of a PHP script runs in its own logical memory space. The scripts maintain no persisted state, so each script start off fresh as a daisy, with no data to indicate what happened the previous times it was executed. Variables are destroyed as soon as the page script finishes executing. The script can access the ‘referrer’, the address of the previous page, although this can’t really be trusted. $_SERVER['HTTP_REFERER']

Is PHP stateless? (well … not necessarily) The usual way to maintain state in PHP scripts is via the use of sessions. To understand how these work, we need to have a look at what cookies are and how they work …

Client/Server interaction with Cookies A cookie is a small file that the server embeds on the user's browsers file system. Each time the same browser requests a page, it will send the cookie too. With PHP, you can both create and retrieve cookie values.

Setting / Retrieving / Deleting a Cookie with PHP Setting a cookie : use the setcookie() function setcookie(name, value, expire, path, domain); Retrieve a cookie : use the $_COOKIE superglobal // Print a cookie echo $_COOKIE["name"]; // A way to view all cookies print_r($_COOKIE); Delete a cookie : set the time to a past instance // set the expiration date to one hour ago setcookie("name", "", time()-3600);

Setting & Retrieving a Cookie with PHP if (!isset($_COOKIE['visits'])) $_COOKIE['visits'] = 0; $visits = $_COOKIE['visits'] + 1; setcookie('visits', $visits, time()+3600*24*365); ?> <!DOCTYPE html> <html> <head> <title>PHP Cookie Example 1</title> </head> <body> if ($visits > 1) { echo("This is visit number $visits."); } else { #First visit echo('Welcome to my Website! This is your first visit!'); </body> </html> read cookie value to variable, add 1 set cookie to now + 1 year run script ** Note : the cookie must be sent before any other headers. Keep refreshing the page to see the cookie at work.

setcookie() keys & values setcookie(name [,value [,expire [,path [,domain,secure]]]]]) name = cookie name value = data to store (string) expire = UNIX timestamp when the cookie expires. Default is that cookie expires when browser is closed. path = Path on the server within and below which the cookie is available on. domain = Domain at which the cookie is available for. secure = If cookie should be sent over HTTPS connection only. Default false.

Cookie limits & notes Each cookie on the user’s computer is connected to a particular domain. Each cookie can store up to 4kB of data. A maximum of 20 cookies can be stored on a user’s PC per domain Only strings can be stored in Cookie files. To store an array in a cookie, convert it to a string by using the serialize() PHP function. The array can be reconstructed using the unserialize() function once it had been read back in. Cookies are stored client-side, so never can’t be trusted completely: They can be easily viewed, modified or created by a 3rd party. They can be turned on and off at will by the user.

PHP Sessions Since HTTP is a stateless protocol – a PHP session can be used to store user information on the server for later use (i.e. username, shopping items, etc). Session information is temporary and will be deleted after the user has left the website. Session data can be made persistent by storing the data in a database. Sessions work by creating a unique id (UID) for each visitor and store variables based on this UID. The UID is either stored in a cookie or is propagated in the URL (if cookies are turned off for instance).

Cookies v. Sessions Cookies Sessions Limited storage space Practically unlimited space Insecure storage client-side Reasonably securely stored server-side User controlled No user control

Starting / Resuming a Session session_start(); PHP does all the work: It looks for a valid session id in the $_COOKIE or $_GET superglobals – if found it initializes the data. If none found, a new session id is created. Note that like setcookie(), this function must be called before any echoed output to browser. Example session id: 26fe536a534d3c7cde4297abb45e275a

Storing / Retrieving / Deleting Session data The $_SESSION superglobal array can be used to store any session data. e.g. $_SESSION[‘name’] = $name; $_SESSION[‘age’] = $age; To retrieve session values, data is simply read back from the $_SESSION superglobal array. $name = $_SESSION[‘name’]; $age = $_SESSION[‘age’]; To delete session data – simply unset()a particular session variable unset($_SESSION[‘name’]); To destroy a session – use the session_destory() function e.g. session_destory();

Setting & Retrieving a Session value with PHP <?php session_start(); if(isset($_SESSION['visits'])) { $_SESSION['visits']=$_SESSION['visits']+1; } else { $_SESSION['visits']=1; } echo "This is visit number ". $_SESSION['visits']; ?> must be the first line in script ** Note : Keep refreshing the page to see the session counter at work. run script

Typical process flow to save session data in a DB