Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sessions and cookies MIS 3501, Spring 2016 Jeremy Shafer Department of MIS Fox School of Business Temple University 4/12/2016.

Published byPeregrine Campbell Modified over 8 years ago

Similar presentations

Presentation on theme: "Sessions and cookies MIS 3501, Spring 2016 Jeremy Shafer Department of MIS Fox School of Business Temple University 4/12/2016."— Presentation transcript:

1 Sessions and cookies MIS 3501, Spring 2016 Jeremy Shafer Department of MIS Fox School of Business Temple University 4/12/2016

2 MySQL Weeks 6 & 7 HTML & CSS Weeks 1 & 2 PHP Weeks 3 – 5 PDO Week 8 - 10 Course Overview To do: Organize your code with MVC (week 12) Work with forms (week 13) Use cookies and sessions (week 14) We are here. Slide 2

3 Objectives Learning objectives for the week 1.Understand why HTML pages are referred to as “stateless” 2.Understand how cookies and sessions are used to preserve state, and the differences between cookies and sessions. 3.Understand the PHP commands used to manipulate sessions. 4.Understand the PHP commands used to direct a user to another page. Slide 3

4 Preserving State Slide 4

5 This is why we say HTML is “stateless”. There’s nothing implicit in browsers treatment of HTML that “remembers” the pages that were returned previously. HTML pages are, by design, intended to work over an intermittent network connection. Why managing state is difficult with HTTP Slide 5

6 Choices for managing state We are going to talk about sessions … and in a way that’s a little backwards, because cookies came first. But sessions are generally better / more secure / more useful and easier to work with. In the next slides we will compare these two mechanisms…. Cookies Sessions Slide 6

7 How cookies work Slide 7

8 How sessions work Slide 8

9 Slide 9

10 Preserving State Let’s try this example… Suggestion Box Slide 10 There should be a “public facing” aspect of our suggestion box application. It is for regular employees. It allows for anonymous submission of suggestions. But there is also a report that only management should see. We need to know the state of a session variable we’ll call “LOGGED_IN” on report.php. Either the user logged in OK or did not.

11 Mechanics …how is this accomplished? Things we need to know how to do: 1.Let specific PHP pages know that we intend to use sessions 2.Put a value into the $_SESSION[] array on successful login. 3.For protected content, check to see if that $SESSION[] variable exists. Take appropriate action if it does (or does not) exist. 4.Destroy the session when we are done. (#4 is trickier than you might think) Slide 11

12 The session_start() function Easy, right?! Just remember this one fact … you need to use the session_start() function on each page where you intend to use session data. You also have the option of changing the default behavior of the cookie with this function. You don’t typically need to do this. Slide 12

13 The $_SESSION array This convention should remind you of working with $_POST and $_GET. It should because $_POST, $_GET and $_SESSION are all superglobals. What’s a superglobal? An superglobal is just an array that the PHP Interpreter gives you “for free” - that is you don’t need to declare it or control it’s behavior. Remember… When the session_start() function is called, PHP either initializes a new $_SESSION superglobal or retrieves any variables for into the $_SESSION superglobal Slide 13

14 Killing the session PHP gives us the function session_destroy() The session_destroy() function destroys all of the data associated with the current session. But … it does not: 1.unset any of the global variables associated with the session 2.unset the session cookie on the browser Slide 14

15 A complete logout script – logout.php Slide 15 <?php // Initialize the session... Yes, this is the session we want to destroy. session_start(); // Unset all of the session variables. The session array is assigned to an empty array $_SESSION = array(); // Now... the tricky part... kill the cookie on the browser // Delete the cookie for the session $name = session_name(); // Get name of the session cookie $expire = strtotime('-1 year'); // Create expiration date in the past $setcookie($name, null, $expire); // set the cookie value to null, and expire it // Finally, destroy the session. session_destroy(); // All done with the session. Direct the user back to a landing page. header('Location:../index.php'); ?>

16 This process of directing the user from one page to another implies that we have some command(s) for doing just that sort of thing. We may want to direct the user to one page or another depending on the state of the application. This sort of conditional operation implies that …. We’re talking about conditional statements in the controller. Directing the user to different pages Slide 16

17 Directing the user to different pages (2) Slide 17 We have already seen controllers that use include and exit commands to reference different views. But… what if I want to jump the user to an entirely different application?

18 Directing the user to different pages (3) Slide 18 For that, we will use a different command! The header command has this syntax: header('Location: url-goes-here'); exit();

19 Directing the user to different pages (4) Slide 19 Technically, this is a bit of an oversimplification… but it is a good rule of thumb. Use include and exit within an application folder. Use header and exit to bounce the user from one application folder to another.

20 Let’s try it. As they say in show business… Slide 20

Download ppt "Sessions and cookies MIS 3501, Spring 2016 Jeremy Shafer Department of MIS Fox School of Business Temple University 4/12/2016."

Similar presentations

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
Using Session Control in PHP tMyn1 Using Session Control in PHP HTTP is a stateless protocol, which means that the protocol has no built-in way of maintaining.

Using Session Control in PHP tMyn1 Using Session Control in PHP HTTP is a stateless protocol, which means that the protocol has no built-in way of maintaining.
CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie(name, value, expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.

CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie("name", "value", expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.

CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.
Week 9 PHP Cookies and Session Introduction to JavaScript.

Week 9 PHP Cookies and Session Introduction to JavaScript.
269200 Web Programming Language Week 7 Dr. Ken Cosh Security, Sessions & Cookies.

Web Programming Language Week 7 Dr. Ken Cosh Security, Sessions & Cookies.
12/3/2012ISC329 Isabelle Bichindaritz1 PHP and MySQL Advanced Features.

12/3/2012ISC329 Isabelle Bichindaritz1 PHP and MySQL Advanced Features.
Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.

Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.
Lecture 8 – Cookies & Sessions SFDV3011 – Advanced Web Development 1.

Lecture 8 – Cookies & Sessions SFDV3011 – Advanced Web Development 1.
Nic Shulver, Introduction to Sessions in PHP Sessions What is a session? Example Software Software Organisation The login HTML.

Nic Shulver, Introduction to Sessions in PHP Sessions What is a session? Example Software Software Organisation The login HTML.
1 Chapter 9 – Cookies, Sessions, FTP, Email and More spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.

1 Chapter 9 – Cookies, Sessions, FTP, and More spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science.
Cookies & Session Web Technology

Cookies & Session Web Technology
PHP Workshop ‹#› Maintaining State in PHP Part II - Sessions.

PHP Workshop ‹#› Maintaining State in PHP Part II - Sessions.
SessionsPHPApril 2010 : [‹#›] Maintaining State in PHP Part II - Sessions.

SessionsPHPApril 2010 : [‹#›] Maintaining State in PHP Part II - Sessions.
PHP. $_GET / $_POST / $_SESSION PHP uses predefined variables to provide access to important information about the server and requests from a browser.

PHP. $_GET / $_POST / $_SESSION PHP uses predefined variables to provide access to important information about the server and requests from a browser.
Sessions in PHP – Page 1 of 13CSCI 2910 – Client/Server-Side Programming CSCI 2910 Client/Server-Side Programming Topic: Sessions in PHP Reading: Williams.

Sessions in PHP – Page 1 of 13CSCI 2910 – Client/Server-Side Programming CSCI 2910 Client/Server-Side Programming Topic: Sessions in PHP Reading: Williams.
Cookies and Sessions IDIA 618 Fall 2014 Bridget M. Blodgett.

Cookies and Sessions IDIA 618 Fall 2014 Bridget M. Blodgett.
PHP-language, sessions Teppo Räisänen Principal Lecturer Oulu University of Applied Sciences School of Business and Information Management

PHP-language, sessions Teppo Räisänen Principal Lecturer Oulu University of Applied Sciences School of Business and Information Management

Similar presentations

Ads by Google