PHP Cookies, Sessions, and Session Variables: Understanding and Using, Slides of Fundamentals of E-Commerce

An overview of php cookies, sessions, and session variables. It covers the basics of cookies, their usage, and deletion. The document also explains sessions, their workings, and session ids. Additionally, it discusses session variable arrays and when to use sessions. Examples and links to further resources.

Typology: Slides

2012/2013

Uploaded on 07/30/2013

asif.ali
asif.ali 🇮🇳

5

(3)

129 documents

1 / 10

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
PHPCOOKIES,SESSIONS,
AND SESSION VARIABLES
Objectives
UnderstandanduseCookiesinPHPscripts.
UnderstandanduseSessionsandSessionvariables
i i
i
nPHPscr
i
pts.
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download PHP Cookies, Sessions, and Session Variables: Understanding and Using and more Slides Fundamentals of E-Commerce in PDF only on Docsity!

1

PHP COOKIES, S ESSIONS ,

AND S ESSION VARIABLES

Objectives

  • Understand and use Cookies in PHP scripts.
  • Understand and use Sessions and Session variables ii n PHP scripts.i

2

HTTP

HTTP is a stateless protocol Each page "stands alone" and has no memory of past actions. ti Addressed in Netscape 3.0 with cookies. Cookies allow us to write data to user's computer and read that data as user traverses site. Cookies can only beCookies can only be writtenwritten as part of headeras part of header information, therefore cannot create or add to a cookie after writing to browser.

Using cookies

To create a cookie, use setcookie() setcookie(cookiename, value, [expire]); setcookie("cook" "27");setcookie( cook , 27 ); Expiration—expressed using time. If not set, cookie is valid for this user session only. setcookie("other","1", time()+60602430);* http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐1.php Retrieved similar to $_POST variables: $_COOKIE['cookiename'] http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐2.php

4

What is session control?

Gives ability to track a user through site, and easily move data related to that user among pages. NNo needd to move dd ata throughh h hidd hidd en ff orm fi ldfields. Very useful for authentication, but can be used any time persistent data needed throughout a site visit.

How sessions work

Sessions are identified by a random number (Session ID) generated by PHP and stored on the client computer in 1 of 2 ways:client computer in 1 of 2 ways: Using a cookie, if the user's browser supports. Appending the session number to URLs as user traverses site www.whatever.com?PHPSESSID=495294532459x Session ID corresponds a session data store onSession ID corresponds a session data store on server A session will eventually expire‐‐usually after a specified period of inactivity.

5

Progression of events

PHP script starts a session. Done before any other page activity. session_start(); i t t() Session ID created and stored on user's computer. (if possible) Session variables are created, and values stored on the server. PHP script can use these variables from page to page throughout a site.

Using session variables

Some PHP servers automatically start a Session for every user when they visit the site. MM ay slowl thingshi dd own dd ue to unnecessary overhead.h d Controlled by PHP.ini file on the server. http://einstein.etsu.edu/~pittares/PHPTest/phpinformation.php Session operations changed in PHP 4.1, so be carefulcareful with older installations and reference with older installations and reference books.

7

Manipulating Session ID

session_id() allows you to get or set the Session ID. IfIf no parameter, returns theh SS essioni IDID. If given a parameter, sets that as the Session ID. http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐7.php http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐8.php

Manipulating the Session data

session_unset() erases all session variables and data. h // d / / / l / h

unset() can be used to erase a single variable and data. unset($_SESSION['myvar']); session destroy() destroys the session data

http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐9.php

session_destroy() destroys the session data (without destroying the session variables). Can be useful for "logging out" user. http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐10.php http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐11.php

8

Session variable arrays

Session variables can be arrays "; foreach ($_SESSION['list'] as $item) echo "$item"; ?> Can be useful technique for shopping carts or other data that is accumulated over multiple page visits. http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐12.php

When and why to use Sessions

Performance When performing a slow operation, storing the results for use on several pp gages is better than repeatingp g the calculation on each. Example: storing results of SQL query Sequence When a user process takes place over a sequence of screens, storing information saves time and user input. Personalization Session variables can be used to store user color or layout preferences or facts about browsing activity. Pages can then adapt to that activity. http://einstein.etsu.edu/~pittares/CSCI2910/examples/8‐13.php

10

Session ID Numbers

If the user allows Cookies, this will be handled automatically. Iff h the user dd oes not allowll CC ookies,ki thenh as you move from page to page you (the programmer) must manually keep up with the Session ID. Append the SID to the URL. test Or turn on transparent SID support in the PHP configuration

a e sess o .p p? S SS? S? test /a

If the user accepts cookies:

If Transparent SID is on

If the user does not accept cookies: