Php cookies & sessions.

Slides:



Advertisements
Similar presentations
UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)
Advertisements

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
PHP and the Web: Session : 4. Predefined variables PHP provides a large number of predefined global variables to any script which it runs also called.
Chapter 10 Managing State Information Using Sessions.
Multiple Tiers in Action
Chapter 10 Managing State Information PHP Programming with MySQL.
Using Session Control in PHP tMyn1 Using Session Control in PHP HTTP is a stateless protocol, which means that the protocol has no built-in way of maintaining.
Session Management A290/A590, Fall /25/2014.
CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie("name", "value", expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.
Chapter 10 Maintaining State Information Using Cookies.
Objectives Learn about state information
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.
CSC 2720 Building Web Applications Cookies, URL-Rewriting, Hidden Fields and Session Management.
PHP Hypertext PreProcessor. Documentation Available SAMS books O’Reilly Books.
PHP Tutorial - Anas Jaghoub Chapter 2 Control Structures.
CSE 154 LECTURE 12: COOKIES. Including files: include include("filename"); PHP include("header.html"); include("shared-code.php"); PHP inserts the entire.
Web Programming Language Week 7 Dr. Ken Cosh Security, Sessions & Cookies.
12/3/2012ISC329 Isabelle Bichindaritz1 PHP and MySQL Advanced Features.
Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.
Lecture 8 – Cookies & Sessions SFDV3011 – Advanced Web Development 1.
1 Chapter 9 – Cookies, Sessions, FTP, and More spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.
Cookies & Session Web Technology
CSC 2720 Building Web Applications Server-side Scripting with PHP.
Dynamic Programming with PHP (mktime), Cookies, SQL, Authentication.
PHP Programming with MySQL Slide 10-1 CHAPTER 10 Managing State Information.
Advance web Programming Managing State Information (Cookies-Session) Date: 22 April 2014 Advance web Programming Managing State Information (Cookies-Session)
PHP. $_GET / $_POST / $_SESSION PHP uses predefined variables to provide access to important information about the server and requests from a browser.
COOKIES and SESSIONS. COOKIES A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each.
Sessions in PHP – Page 1 of 13CSCI 2910 – Client/Server-Side Programming CSCI 2910 Client/Server-Side Programming Topic: Sessions in PHP Reading: Williams.
Web Database Programming Week 7 Session Management & Authentication.
Cookies and Sessions IDIA 618 Fall 2014 Bridget M. Blodgett.
Sessions and Cookies State Management, Cookies, Sessions, Hidden Fields SoftUni Team Technical Trainers Software University
PHP Session ISYS 475. Session The web server starts a session when a visitor visiting your web site and assigns a unique id, the session id for the session.
How to maintain state in a stateless web Shirley Cohen
Sessions Brendan Knight A visitor accessing your web site is assigned a unique id. This id links to specific data that remains on the server. Sessions.
SESSIONS 27/2/12 Lecture 8. ? Operator Similar to the if statement but returns a value derived from one of two expressions by a colon. Syntax: (expression)
PHP-language, sessions Teppo Räisänen Principal Lecturer Oulu University of Applied Sciences School of Business and Information Management
Cookies / Sessions Week 10 TCNJ Web 2 Jean Chu. Webpages have no memories.
PHP and Sessions. Session – a general definition The GENERAL definition of a session in the “COMPUTER WORLD” is: The interactions (requests and responses)
 A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests.
ITM © Port,Kazman 1 ITM 352 Cookies. ITM © Port,Kazman 2 Problem… r How do you identify a particular user when they visit your site (or any.
1 PHP HTTP After this lecture, you should be able to know: How to create and process web forms with HTML and PHP. How to create and process web forms with.
1 CS428 Web Engineering Lecture 22 Building Dynamic Web pages (PHP - V)
Web Page Designing With Dreamweaver MX\Session 1\1 of 9 Session 3 PHP Advanced.
Cookies and Sessions in PHP. Arguments for the setcookie() Function There are several arguments you can use i.e. setcookie(‘name’, ‘value’, expiration,
Unit-6 Handling Sessions and Cookies. Concept of Session Session values are store in server side not in user’s machine. A session is available as long.
Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.
HTTP Transactions 1. 2 Client-Server Model 3 HTTP HyperText Transport Protocol Native protocol for WWW Sits on top of internet’s TCP/IP protocol HTTP.
PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies.
Programming for the Web Cookies & Sessions Dónal Mulligan BSc MA
PHP – Hypertext Preprocessor.
© Copyright 2012 Hidaya Trust (Pakistan) ● A Non-Profit Organization ● / www,histpk.org Hidaya Institute of Science & Technology
CSE 154 Lecture 20: Cookies.
Y.-H. Chen International College Ming-Chuan University Fall, 2004
CGS 3066: Web Programming and Design Spring 2016
19.10 Using Cookies A cookie is a piece of information that’s stored by a server in a text file on a client’s computer to maintain information about.
ITM 352 Cookies.
Web Programming Language
Cookies and Sessions in PHP
Open Source Programming
Cookies BIS1523 – Lecture 23.
<?php require("header.htm"); ?>
CSE 154 Lecture 21: Sessions.
CSE 154 Lecture 22: Sessions.
PHP State.
Cookies and Sessions.
Web Programming Language
[Based in part on SWE 432 and SWE 632 materials by Jeff Offutt, GMU]
Presentation transcript:

Php cookies & sessions

caveat Cookies must be set before any header information for html is sent.

Set user to Bob <?php $name = "Bob"; setcookie("user",$name); ?> <html> <head> <title> PHP - Cookie Example 1 </title> </head> <body> <h1>Cookie Example 1</h1> <font size=+2 face = verdana></font> print ("set user name cookie" . $name); </body> </html>

Get cookie <?php $user = $HTTP_COOKIE_VARS["user"]; ?> <html> <head> <title> PHP - Cookie Example 1 </title> </head> <body> <h1>Cookie Example 1</h1> <font size=+2 face = verdana></font> print ("user is now... " . $user); </body> </html>

Multiple cookies & debug output <?php setcookie ("cookie1", "Higgins 245 rocks once"); setcookie ("cookie2", "Higgins 245 rocks 2 times"); setcookie ("cookie3", "Higgins 245 rocks 3 times"); ?> <html> <body> echo $_COOKIE["cookie1"]; print("<br/>"); echo $_COOKIE["cookie2"]; echo $_COOKIE["cookie3"]; //if you want to display all cookies for debugging //you can use: print_r($_COOKIE); </body> </html>

Cookies with time – code also in notes <?php // See if the HTTP request has set $count as the // result of a Cookie called "count" if(!isset($count)) { // No cookie called count, set the counter to zero $count = 0; // .. and set a cookie with the "start" time // of this stateful interaction $start = time( ); setcookie("start", $start, time( )+600, "/", "", 0); } else { $count++;} // Set a cookie "count" with the current value setcookie("count", $count, time( )+600, "/", "", 0); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" > <html> <head><title>Cookies</title></head> <body> <p>This page comes with cookies: Enjoy! <br>count = <?=$count ?>. <br>start = <?=$start ?>. <p>This session has lasted $duration = time()-$_COOKIE["start"]; echo "$duration"; seconds. </body> </html> <?php // See if the HTTP request has set $count as the // result of a Cookie called "count" if(!isset($count)) { // No cookie called count, set the counter to zero $count = 0; // .. and set a cookie with the "start" time // of this stateful interaction $start = time( ); setcookie("start", $start, time( )+600, "/", "", 0); } else { $count++; } // Set a cookie "count" with the current value setcookie("count", $count, time( )+600, "/", "", 0); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" > <html> <head><title>Cookies</title></head> <body> <p>This page comes with cookies: Enjoy! <br>count = <?=$count ?>. <br>start = <?=$start ?>. <p>This session has lasted $duration = time()-$_COOKIE["start"]; echo "$duration"; seconds. </body> </html>

session Storing the state in the web server--the middle tier--can solve the problem of increased request size and protect the state of an application from accidental or intentional changes a user might make. A session is a way to identify and manage the state--the session variables--for a particular user. When a user sends an HTTP request, the middle tier must process the current request in the context of the user's session. When a session is started, the client is given a session identifier--often a cookie--that is included with subsequent requests to the server. The server uses the session identifier to locate the corresponding session before processing the request.

Session_start() PHP provides a session_start( ) function that creates a new session and subsequently identifies and establishes an existing one. Either way, a call to the session_start( ) function initializes a session. The first time a PHP script calls session_start( ), a session identifier is generated, and, by default, a Set-Cookie header field is included in the response. The response sets up a session cookie in the browser with the name PHPSESSID and the value of the session identifier. The PHP session management automatically includes the cookie without the need to call to the setcookie( ) or header( ) functions. The session identifier (ID) is a random string of 32 hexadecimal digits, such as fcc17f071bca9bf7f85ca281094390b4. As with other cookies, the value of the session ID is made available to PHP scripts in the $HTTP_COOKIE_VARS associative array and in the $PHPSESSID variable.

Session…must set before <html> tag <?php session_start(); if(isset($_SESSION['views'])) $_SESSION['views']=$_SESSION['views']+1; else $_SESSION['views']=1; ?> <html> <body> echo "you have visited:" . $_SESSION['views'] . " times"; //retrieve session data echo "Pageviews=". $_SESSION['views']; </body> </html>

Previous cookie example with session <?php // Initialize a session. This call either creates // a new session or re-establishes an existing one. session_start( ); // If this is a new session, then the variable // $count will not be registered if (!session_is_registered("count")) { session_register("count"); session_register("start"); $count = 0; $start = time( ); } else $count++; $sessionId = session_id( ); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" > <html> <head><title>Sessions</title></head> <body> <p>This page points at a session (<?=$sessionId?>) <br>count = <?=$count?>. <br>start = <?=$start?>. <p>This session has lasted $duration = time( ) - $start; echo "$duration"; seconds. </body> </html> <?php // Initialize a session. This call either creates // a new session or re-establishes an existing one. session_start( ); // If this is a new session, then the variable // $count will not be registered if (!session_is_registered("count")) { session_register("count"); session_register("start"); $count = 0; $start = time( ); } else $count++; $sessionId = session_id( ); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" > <html> <head><title>Sessions</title></head> <body> <p>This page points at a session (<?=$sessionId?>) <br>count = <?=$count?>. <br>start = <?=$start?>. <p>This session has lasted $duration = time( ) - $start; echo "$duration"; seconds. </body> </html>

Ending a Session At some point in an application, sessions may need to be destroyed. For example, when a user logs out of an application, a call to the session_destroy( ) function can be made. A call to session_destroy( ) removes the session file from the system but doesn't remove the PHPSESSID cookie from the browser. next shows how the session_destroy( ) function is called. A session must be initialized before the session_destroy( ) call can be made. You should also test to see if $PHPSESSID is a set variable before killing the session. This prevents the code from creating a session, then immediately destroying it if the script is called without identifying a session. However, if the user has previously held a session cookie, PHP initializes the $PHPSESSID variable, and the code redundantly creates and destroys a session.

<?php // Initialize the session session_start( ); $value=session_id( ); // Generate the embedded URL // to page that processes an order $orderUrl = "/order.php?PHPSESSID=" . session_id( ); ?> <html> <body> link to a page to process order carrying session info with it echo "session info $value"; <br/> <a href="<?=$orderUrl ?>">Create Order</a> </body> </html>

Display id and link to a page for order

The order page <?php // Initialize the session session_start( ); $value=session_id( ); ?> <html> order page<br/> echo "session info $value"; </html