269200 Web Programming Language Week 7 Dr. Ken Cosh Security, Sessions & Cookies.


Security
So, you have your calendar! But do you want everyone to be able to see your appointments? Or do we want to be able to store the appointments of multiple users? Perhaps sharing appointments between users?

Logging in
Well, now we can create a table in our database which stores a username and a password! We could then make the user log in before they can access the pages where new babies are added.

Go Ahead!
Issues:
- Encryption
- Comparison

More problems…
“HTTP is a stateless protocol, which means that as soon as a page has been sent to the client and the connection is closed any data that has been stored is lost. As a PHP Developer, you often need a way of storing information across multiple pages of your website. The potential uses for this are many. A few examples would be tracking if a user has logged in or perhaps remembering previously set preferences for custom user pages. The common way of accomplishing this via PHP is with sessions and cookies.” (Dustin Czyst)

Cookies
A cookie is a small file that is stored on the client computer when visiting a website. Cookies got a bad rap a few years ago and as a result there are a good many people out there with their cookies disabled. Cookies are harmless. Some sites will use them to track visitor usage and habits and people sometimes consider that an invasion of privacy, but it typically is not a problem.

Cookies
- Stored on the client computer and are thus decentralized.
- Can be set to a long lifespan and/or set to expire after a period of time from seconds to years.
- They work well with large sites that may use several webservers.
- Won’t do you any good if the client has set their browser to disable cookies.
- Limitations on size and number: a browser can keep only the last 20 cookies sent from a particular domain, and the values that a cookie can hold are limited to 4 KB in size.
- Can be edited beyond your control since they reside on the client system.
- Information set in the cookie is not available until the page is reloaded.

setcookie
Call it before any HTML is transferred:
setcookie(name, value, expire, path, domain, secure, httponly);
setcookie('username', 'Ken', time()+60*60*24*7);
- You only need to have a name and a value.
- expire could be a time stamp for when the cookie should expire (time() plus a number of seconds).
- path & domain could limit where the cookie is available.
- secure could make the cookie only transferred across a secure (HTTPS) connection.
- httponly could stop the cookie being used by JavaScript.

Getting a cookie value
if (isset($_COOKIE['username'])) $username = $_COOKIE['username'];
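Because a cookie lives on the client and can be edited there, a value the server relies on should carry a signature the server can check when it reads the cookie back. The following is an added example, not part of the original slides; COOKIE_KEY, sign_cookie_value() and verify_cookie_value() are hypothetical names, and the array form of setcookie() assumes PHP 7.3 or later.

```php
<?php
// Added example, not from the original slides.
// COOKIE_KEY is an assumed server-side secret; load it from configuration in practice.
const COOKIE_KEY = 'replace-with-random-secret-from-config';

// Build "value.signature" so the server can detect edits made on the client.
function sign_cookie_value(string $value): string
{
    return $value . '.' . hash_hmac('sha256', $value, COOKIE_KEY);
}

// Return the original value, or null if the cookie is missing, malformed or altered.
function verify_cookie_value(?string $cookie): ?string
{
    if ($cookie === null) {
        return null;
    }
    $pos = strrpos($cookie, '.');          // signature follows the last dot
    if ($pos === false) {
        return null;
    }
    $value    = substr($cookie, 0, $pos);
    $mac      = substr($cookie, $pos + 1);
    $expected = hash_hmac('sha256', $value, COOKIE_KEY);
    // hash_equals() compares in constant time, unlike == or ===.
    return hash_equals($expected, $mac) ? $value : null;
}

// Must run before any HTML is sent.
setcookie('username', sign_cookie_value('Ken'), [
    'expires'  => time() + 60*60*24*7,     // one week, as on the slide
    'path'     => '/',
    'secure'   => true,                    // sent over HTTPS only
    'httponly' => true,                    // not readable from JavaScript
    'samesite' => 'Lax',                   // extra flag, not mentioned on the slide
]);

// On a later request: accept the value only if the signature still matches.
$username = verify_cookie_value($_COOKIE['username'] ?? null);
```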

Destroying a Cookie
Set a time in the past:
setcookie('username', 'Ken', time() - 3600);
Perhaps a long time in the past, in case the user’s machine has the wrong time.

Sessions
Sessions are a combination of a server-side cookie and a client-side cookie, where the client-side cookie is simply a reference id to the information stored in the server-side cookie.

Sessions
- Server-side cookie can store very large amounts of data while regular cookies are limited in size.
- Since the client-side cookie generated by a session only contains the id reference (a random string of 32 hexadecimal digits, such as ‘fca17f071bbg9bf7f85ca a4’, called a ‘session id’) you save on bandwidth.
- Much more secure than regular cookies since the data is stored on the server and cannot be edited by the user.
- Only last until the user closes their browser.
- Won’t work if client has cookies disabled in their browser unless some extra measures are taken.
- Can be easily customized to store the information created in the session to a database.
- Information is available in your code as soon as it is set.

session_start() & session_destroy()
Before using session variables we need to make a call to:
session_start();
We can then access and set members of the $_SESSION array:
$_SESSION['variable'] = $value;
$value = $_SESSION['variable'];
At the end of a session we can make a call to:
session_destroy();
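The login described earlier and the session calls above fit together as follows: the password is stored as a hash and compared with password_verify(), the session id is replaced at login, and logout clears both the server-side data and the id cookie. This is an added example, not part of the original slides; the $users array is a constructed stand-in for the database table, login() and logout() are hypothetical names, and the array form of session_set_cookie_params() assumes PHP 7.3 or later.

```php
<?php
// Added example, not from the original slides.
// Constructed stand-in for the username/password table: store only the hash.
$users = ['ken' => password_hash('constructed-demo-password', PASSWORD_DEFAULT)];

// Cookie flags for the session id must be set before session_start().
session_set_cookie_params([
    'lifetime' => 0,          // id cookie lasts until the browser closes
    'path'     => '/',
    'secure'   => true,       // HTTPS only
    'httponly' => true,       // not readable from JavaScript
    'samesite' => 'Lax',
]);
session_start();

function login(array $users, string $username, string $password): bool
{
    $hash = $users[$username] ?? null;
    // password_verify() hashes the input with the stored salt and compares safely.
    if ($hash === null || !password_verify($password, $hash)) {
        return false;
    }
    session_regenerate_id(true);  // fresh id after login; old session data is deleted
    $_SESSION['username'] = $username;
    return true;
}

function logout(): void
{
    $_SESSION = [];               // clear the server-side data
    $p = session_get_cookie_params();
    // Expire the client-side id cookie using the path/domain it was set with.
    setcookie(session_name(), '', [
        'expires'  => time() - 42000,
        'path'     => $p['path'],
        'domain'   => $p['domain'],
        'secure'   => $p['secure'],
        'httponly' => $p['httponly'],
    ]);
    session_destroy();
}

// Hypothetical form fields 'username' and 'password' posted by a login page.
if (isset($_POST['username'], $_POST['password'])) {
    $loggedIn = login($users, (string) $_POST['username'], (string) $_POST['password']);
}
```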

Assignment
- Follow this tutorial.
- Use it to create a login page for your calendar.
- Check out slide 2 for ideas on how to impress me! ;)