1. www.BZUpages.com Dynamic Programming with PHP (mktime), Cookies, SQL, Authentication

2. www.BZUpages.com Agenda mktime: One more date/time tag Cookies –Setting –Using –Removing Headers SQL Protecting Pages with.htaccess and Using authentication variables

3. www.BZUpages.com Constructing Timestamps: mktime To determine a timestamp for a specific time, use the mktime function. mktime returns the Unix timestamp corresponding to the arguments given. This timestamp is a long integer containing the number of seconds between the Unix Epoch (January 1 1970) and the time specified. The format is $var = mktime(hour, minute, second, month, day, year);

4. www.BZUpages.com mktime Examples: The year 2000: $y2k=mktime(0,0,0,1,1,2000); Can also use $y2k=mktime(0,0,0,1,1,00); Alex’s Birthday: $bday = mktime (0,0,0,12,1,1980)); And logically equivalent is: $bday = mktime (0,0,0,11,31,80));

5. www.BZUpages.com Cookies What Are Cookies? –A cookie is a named piece of information that is stored in a web browser. –They’re often used to store information that won’t work well being sent to and back from the server, such as e- commerce preferences, and shopping carts– thus you don’t need the user to authenticate to store the info. Cookies are controlled by the security settings in the user’s browser– DON’T DEPEND ON THEM! If a cookie exists then it will appear as a named PHP variable, and also in the $HTTP_COOKIE_VARS Associative Array

6. www.BZUpages.com Creating Cookies with setcookie To set a cookie use the setcookie command: setcookie(name, value, expire, path, domain, secure) –Only name and value are required. expire is a timestamp: when the cookie should be removed. If marked “secure”, cookies will only work when the Secure Socket Layer (SSL) is active. Examples: setcookie ("Cookie1", $value); setcookie ("Cookie1", $value, time()+3600); // will expire in 1 hour

7. www.BZUpages.com Setcookie – when to use? Cookies are actually stored in the HTTP Response Header, in this format: –Set-Cookie: NAME=VALUE; expires=DATE; path=PATH; domain=DOMAIN_NAME; secure –Detailed info at http://wp.netscape.com/newsref/std/cookie _spec.html –Since cookies are stored in the response header they cannot be used until the 2 nd time a page a loaded (once to set, once to read)

8. www.BZUpages.com Removing cookies To remove a cookie, simply set the expiration time to a time in the past– the next time the headers are sent, the cookies will be deleted. Ex) setcookie(“Cookie1”,0,time()-50);

9. www.BZUpages.com Cookies Example <?php if (isset($HTTP_COOKIE_VARS["count"])) { $num=$HTTP_COOKIE_VARS["count"]; $num++; setcookie("count",0,time()-10); setcookie("count",$num,time()+24*3600*5); echo "You've visited this page $num times"; } else { setcookie("count", 0, time()+24*3600*5); header("Location:cook.php"); } ?>

10. www.BZUpages.com Headers When a client sends a request to a web server, it needs a way to give the web server specific information about the request– ie how data in the request has been formatted, what web browser the client is using, etc. All of this information is specified via fields in the request known as HTTP headers. Sending raw HTTP headers in PHP is easy: just use the header(“headers”) function to write headers. Note that all headers must be sent before any output from a page (even white-space) Ex: To redirect users from your PHP page, you could use: header (“Location:http://www.amherst.edu/redirect”); http://www.w3.org/Protocols/rfc2616/rfc2616.html http://www.cs.tut.fi/~jkorpela/http.html

11. www.BZUpages.com What is SQL? Structured Query Language, or “SQL” allows you to: –access a database –execute queries against a database –retrieve data from a database –Insert, Update and Delete records from a database. –It’s also easy to learn!

12. www.BZUpages.com SQL Tables Everything in SQL is stored in tables: Each table is identified by a name (i.e. “People"). Tables contain records (rows) with data. Below is an example of a table called "People": The table contains three records (one for each person) and four columns (LName, FName, Phone, and ID). LnameFnamePhone#ID SmithJohn53090 KarlssonKarl42001 WallaceWilliam85692

13. www.BZUpages.com SQL DML (Data Manipulation Language) SELECT - extracts data from a database table UPDATE - updates data in a database table DELETE - deletes data from a database table INSERT INTO - inserts new data into a database table

14. www.BZUpages.com SQL Queries With SQL we can “Query” a table and have a result set returned. NOTE: all queries return an associative array The Query: “SELECT LName FROM People” will return: Smith Karlsson Wallace

15. www.BZUpages.com SQL Queries: WHERE You can use the word WHERE to limit your result sets, using the following operators: = equal to <> Not equal to >, <, <= GT, LT, LTE BETWEENin a specified range LIKEmatches a pattern SELECT LName FROM People WHERE id=1 returns Karlsson

16. www.BZUpages.com AND, OR AND and OR can also be used to construct more complicated queries: SELECT * FROM People WHERE id > 0 AND Lname LIKE ‘Hoch’ The * is used as a wildcard, and will return the data in all columns

17. www.BZUpages.com ORDER BY The results of queries can be used to sort returned result sets using the ORDER BY clause: SELECT * FROM People ORDER BY Lname Will order results alphabetically by Last Name. Likewise you could SELECT * FROM People ORDER BY Lname DESC will order results in reverse alphabetical order (Z-A)

18. www.BZUpages.com SQL Resources For more info on SQL I’d recommend the following sites: http://www.w3schools.com/sql/ webmonkey.com PHP.Net

19. www.BZUpages.com User Authentication To protect your pages you can require a user to authenticate (log-in) before they have access to the page. –This is done with an.htaccess file. You can write protected pages on your own, by hand. –Once a user has logged in you can use the $REMOTE_USER variable to retrieve their username $REMOTE_USER is just one of the many useful reserved variables names. –See a complete list at: http://www.php.net/manual/en/reserved.variables.php