Presentation is loading. Please wait.

Presentation is loading. Please wait.

Php cookies & sessions.

Similar presentations


Presentation on theme: "Php cookies & sessions."— Presentation transcript:

1 Php cookies & sessions

2 caveat Cookies must be set before any header information for html is sent.

3 Set user to Bob <?php $name = "Bob"; setcookie("user",$name); ?>
<html> <head> <title> PHP - Cookie Example 1 </title> </head> <body> <h1>Cookie Example 1</h1> <font size=+2 face = verdana></font> print ("set user name cookie" . $name); </body> </html>

4 Get cookie <?php $user = $HTTP_COOKIE_VARS["user"]; ?>
<html> <head> <title> PHP - Cookie Example 1 </title> </head> <body> <h1>Cookie Example 1</h1> <font size=+2 face = verdana></font> print ("user is now... " . $user); </body> </html>

5 Multiple cookies & debug output
<?php setcookie ("cookie1", "Higgins 245 rocks once"); setcookie ("cookie2", "Higgins 245 rocks 2 times"); setcookie ("cookie3", "Higgins 245 rocks 3 times"); ?> <html> <body> echo $_COOKIE["cookie1"]; print("<br/>"); echo $_COOKIE["cookie2"]; echo $_COOKIE["cookie3"]; //if you want to display all cookies for debugging //you can use: print_r($_COOKIE); </body> </html>

6 Cookies with time – code also in notes
<?php // See if the HTTP request has set $count as the // result of a Cookie called "count" if(!isset($count)) { // No cookie called count, set the counter to zero $count = 0; // .. and set a cookie with the "start" time // of this stateful interaction $start = time( ); setcookie("start", $start, time( )+600, "/", "", 0); } else { $count++;} // Set a cookie "count" with the current value setcookie("count", $count, time( )+600, "/", "", 0); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" " > <html> <head><title>Cookies</title></head> <body> <p>This page comes with cookies: Enjoy! <br>count = <?=$count ?>. <br>start = <?=$start ?>. <p>This session has lasted $duration = time()-$_COOKIE["start"]; echo "$duration"; seconds. </body> </html> <?php // See if the HTTP request has set $count as the // result of a Cookie called "count" if(!isset($count)) { // No cookie called count, set the counter to zero $count = 0; // .. and set a cookie with the "start" time // of this stateful interaction $start = time( ); setcookie("start", $start, time( )+600, "/", "", 0); } else { $count++; } // Set a cookie "count" with the current value setcookie("count", $count, time( )+600, "/", "", 0); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" " > <html> <head><title>Cookies</title></head> <body> <p>This page comes with cookies: Enjoy! <br>count = <?=$count ?>. <br>start = <?=$start ?>. <p>This session has lasted $duration = time()-$_COOKIE["start"]; echo "$duration"; seconds. </body> </html>

7 session Storing the state in the web server--the middle tier--can solve the problem of increased request size and protect the state of an application from accidental or intentional changes a user might make. A session is a way to identify and manage the state--the session variables--for a particular user. When a user sends an HTTP request, the middle tier must process the current request in the context of the user's session. When a session is started, the client is given a session identifier--often a cookie--that is included with subsequent requests to the server. The server uses the session identifier to locate the corresponding session before processing the request.

8 Session_start() PHP provides a session_start( ) function that creates a new session and subsequently identifies and establishes an existing one. Either way, a call to the session_start( ) function initializes a session. The first time a PHP script calls session_start( ), a session identifier is generated, and, by default, a Set-Cookie header field is included in the response. The response sets up a session cookie in the browser with the name PHPSESSID and the value of the session identifier. The PHP session management automatically includes the cookie without the need to call to the setcookie( ) or header( ) functions. The session identifier (ID) is a random string of 32 hexadecimal digits, such as fcc17f071bca9bf7f85ca b4. As with other cookies, the value of the session ID is made available to PHP scripts in the $HTTP_COOKIE_VARS associative array and in the $PHPSESSID variable.

9 Session…must set before <html> tag
<?php session_start(); if(isset($_SESSION['views'])) $_SESSION['views']=$_SESSION['views']+1; else $_SESSION['views']=1; ?> <html> <body> echo "you have visited:" . $_SESSION['views'] . " times"; //retrieve session data echo "Pageviews=". $_SESSION['views']; </body> </html>

10 Previous cookie example with session
<?php // Initialize a session. This call either creates // a new session or re-establishes an existing one. session_start( ); // If this is a new session, then the variable // $count will not be registered if (!session_is_registered("count")) { session_register("count"); session_register("start"); $count = 0; $start = time( ); } else $count++; $sessionId = session_id( ); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" " > <html> <head><title>Sessions</title></head> <body> <p>This page points at a session (<?=$sessionId?>) <br>count = <?=$count?>. <br>start = <?=$start?>. <p>This session has lasted $duration = time( ) - $start; echo "$duration"; seconds. </body> </html> <?php // Initialize a session. This call either creates // a new session or re-establishes an existing one. session_start( ); // If this is a new session, then the variable // $count will not be registered if (!session_is_registered("count")) { session_register("count"); session_register("start"); $count = 0; $start = time( ); } else $count++; $sessionId = session_id( ); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" " > <html> <head><title>Sessions</title></head> <body> <p>This page points at a session (<?=$sessionId?>) <br>count = <?=$count?>. <br>start = <?=$start?>. <p>This session has lasted $duration = time( ) - $start; echo "$duration"; seconds. </body> </html>

11 Ending a Session At some point in an application, sessions may need to be destroyed. For example, when a user logs out of an application, a call to the session_destroy( ) function can be made. A call to session_destroy( ) removes the session file from the system but doesn't remove the PHPSESSID cookie from the browser. next shows how the session_destroy( ) function is called. A session must be initialized before the session_destroy( ) call can be made. You should also test to see if $PHPSESSID is a set variable before killing the session. This prevents the code from creating a session, then immediately destroying it if the script is called without identifying a session. However, if the user has previously held a session cookie, PHP initializes the $PHPSESSID variable, and the code redundantly creates and destroys a session.

12 <?php // Initialize the session session_start( ); $value=session_id( ); // Generate the embedded URL // to page that processes an order $orderUrl = "/order.php?PHPSESSID=" . session_id( ); ?> <html> <body> link to a page to process order carrying session info with it echo "session info $value"; <br/> <a href="<?=$orderUrl ?>">Create Order</a> </body> </html>

13 Display id and link to a page for order

14 The order page <?php // Initialize the session session_start( );
$value=session_id( ); ?> <html> order page<br/> echo "session info $value"; </html


Download ppt "Php cookies & sessions."

Similar presentations


Ads by Google