Scribd Logo
Upload

Welcome to Scribd!

  • Welcome To Cosc 3101/ Internet Programming: Five Cookies and Session Management in PHP

    Uploaded by

    Serkalem Negusse
    41 views18 pages
    The document discusses how to use cookies and sessions in PHP, explaining that cookies are files stored on the user's computer while sessions allow storing and retrieving data across multiple pages using server-side storage; it provides examples of how to set, retrieve, modify, and delete cookies in PHP as well as how to start a PHP session, set and retrieve session variables, and check if cookies are enabled.

    Original Description:

    Original Title

    Chapter 5 Cookies&session

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses how to use cookies and sessions in PHP, explaining that cookies are files stored on the user's computer while sessions allow storing and retrieving data across multiple pages using server-side storage; it provides examples of how to set, retrieve, modify, and delete cookies in PHP as well as how to start a PHP session, set and retrieve session variables, and check if cookies are enabled.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    41 views18 pages

    Welcome To Cosc 3101/ Internet Programming: Five Cookies and Session Management in PHP

    Uploaded by

    Serkalem Negusse
    The document discusses how to use cookies and sessions in PHP, explaining that cookies are files stored on the user's computer while sessions allow storing and retrieving data across multiple pages using server-side storage; it provides examples of how to set, retrieve, modify, and delete cookies in PHP as well as how to start a PHP session, set and retrieve session variables, and check if cookies are enabled.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 18

    Dilla University

    College of Engineering and Technology


    Department of Computer Science

    Welcome to CoSc 3101/


    Internet Programming

    Chapter Five
    Cookies and Session
    Management in PHP

    By: Fiseha B.(Msc), Dec 2014,Dilla


    1
    University
    PHP Cookies
    • A cookie is often used to identify a user.
    • A cookie is a small file that the server
    embeds on the user's computer.
    • Each time the same computer requests a
    page with a browser, it will send the
    cookie too.
    • With PHP, you can both create and
    retrieve cookie values.

    By: Fiseha B.(Msc), Dec 2014,Dilla


    2
    University
    Shortcomings of using cookies to keep data

    • User may turn off cookies support.


    • Data are kept with the browser
    – Users using the same browser share the cookies.

    • Limited number of cookies (20) per server/domain and


    limited size (4k bytes) per cookie
    • Client can temper with cookies
    – Modify cookie files, use JavaScript to create/modify cookies,
    etc.
    • Notes:
    – Don't always rely on cookies as the client may have turned off
    cookies support.
    – Don't store sensitive info in cookies

    By: Fiseha B.(Msc), Dec 2014,Dilla


    3
    University
    Create Cookies With PHP
    • A cookie is created with the setcookie() function.
    – Syntax:
    • setcookie(name, value, expire, path, domain, secure,
    httponly);
    • Only the name parameter is required. All other
    parameters are optional.
    • expiration
    – Cookie expiration time in seconds
    – 0  The cookie is not to be stored persistently and will be deleted when
    the web client closes.
    – Negative value  Request the web client to delete the cookie
    – e.g.:
    setcookie('username', ‘Tola', time() + 1800); // Expire in 30 minutes

    By: Fiseha B.(Msc), Dec 2014,Dilla


    4
    University
    PHP – More About Setting Cookies …

    • path
    – Sets the path to which the cookie applies.
    – The cookie is only visible to all the pages in that directory and
    its sub-directories.
    – If set to '/', the cookie will be available within the entire
    domain.
    – If set to '/foo/', the cookie will only be available within the
    /foo/ directory and all sub-directories such as /foo/bar/ of
    domain .
    – The default value is the current directory that the cookie is
    being set in.

    By: Fiseha B.(Msc), Dec 2014,Dilla


    5
    University
    PHP – More About Setting Cookies …
    • domain
    – The domain that the cookie is available.
    – To make the cookie available on all subdomains of example.com,
    you'd set it to '.example.com'.
    – Setting it to 'www.example.com' will make the cookie only
    available in the www subdomain.

    • secure
    – Indicates that the cookie should only be transmitted over a
    secure HTTPS connection from the client. When set to TRUE,
    the cookie will only be set if a secure connection exists. The
    default is FALSE.

    • httponly
    – When TRUE the cookie will be made accessible only through the
    HTTP protocol. By: Fiseha B.(Msc), Dec 2014,Dilla
    6
    University
    PHP Create/Retrieve a Cookie
    • The following example creates a cookie named "user"
    with the value “Tola Jira".
    • The cookie will expire after 30 days (86400 * 30).
    • The "/" means that the cookie is available in entire
    website (otherwise, select the directory you prefer).
    • We then retrieve the value of the cookie "user" (using
    the global variable $_COOKIE).
    • We also use the isset() function to find out if the
    cookie is set:
    • Note: The setcookie() function must appear BEFORE
    the <html> tag.
    By: Fiseha B.(Msc), Dec 2014,Dilla
    7
    University
    Example
    <?php
    $cookie_name = "user";
    $cookie_value = “Tola Jira”;
    setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/"); // 86400 = 1
    day
    ?>
    <html>
    <body>
    <?php
    if(!isset($_COOKIE[$cookie_name])) {
        echo "Cookie named '" . $cookie_name . "' is not set!";
    } else {
        echo "Cookie '" . $cookie_name . "' is set!";
        echo "Value is: " . $_COOKIE[$cookie_name];
    }
    ?>
    </body>
    </html>

    By: Fiseha B.(Msc), Dec 2014,Dilla


    8
    University
    Modify a Cookie Value

    • To modify a cookie, just set (again) the


    cookie using the setcookie() function:
    • Example
    <?php
    $cookie_name = "user";
    $cookie_value = "Alex Porter";
    setcookie($cookie_name, $cookie_value,
    time() + (86400 * 30), "/");
    ?>
    By: Fiseha B.(Msc), Dec 2014,Dilla
    9
    University
    Delete a Cookie
    • To delete a cookie, use the setcookie() function with an expiration date in
    the past:
    • Example
    <?php
    // set the expiration date to one hour ago
    setcookie("user", "", time() - 3600);
    ?>
    <html>
    <body>
    <?php
    echo "Cookie 'user' is deleted.";
    ?>
    </body>
    </html>

    By: Fiseha B.(Msc), Dec 2014,Dilla


    10
    University
    Check if Cookies are Enabled
    • The following example creates a small script that checks whether
    cookies are enabled.
    • First, try to create a test cookie with the setcookie() function, then
    count the $_COOKIE array variable:
    • Example
    <?php
    setcookie("test_cookie", "test", time() + 3600, '/');
    ?>
    <html> <body>
    <?php
    if(count($_COOKIE) > 0) {
        echo "Cookies are enabled.";
    } else {
        echo "Cookies are disabled.";
    } ?> </body> </html>

    By: Fiseha B.(Msc), Dec 2014,Dilla


    11
    University
    PHP Sessions
    • A session is a way to store information (in variables) to be used across
    multiple pages.
    • Unlike a cookie, the information is not stored on the users computer.
    • When you work with an application, you open it, do some changes, and then you
    close it. This is much like a Session.
    – The computer knows who you are.
    – It knows when you start the application and when you end.
    – But on the internet there is one problem: the web server does not know who you are or
    what you do, because the HTTP address doesn't maintain state.
    • Session variables solve this problem by storing user information to be used
    across multiple pages (e.g. username, favorite color, etc). By default, session
    variables last until the user closes the browser.
    • So; Session variables hold information about one single user, and are available
    to all pages in one application.
    • Tip: If you need a permanent storage, you may want to store the data in a
    database.

    By: Fiseha B.(Msc), Dec 2014,Dilla


    12
    University
    Start a PHP Session
    • A session is started with the session_start() function.
    • Session variables are set with the PHP global variable: $_SESSION.
    • Now, let's create a new page called "demo_session1.php". In this page, we start a
    new PHP session and set some session variables:
    <?php
    // Start the session
    session_start(); Note: The session_start()
    ?>
    <!DOCTYPE html>
    function must be the very
    <html> <body> first thing in your
    <?php
    // Set session variables
    document. Before any
    $_SESSION["favcolor"] = "green"; HTML tags.
    $_SESSION["favanimal"] = "cat";
    echo "Session variables are set.";
    ?>
    </body> </html>

    By: Fiseha B.(Msc), Dec 2014,Dilla


    13
    University
    Get PHP Session Variable Values
    • Next, we create another page called "demo_session2.php". From this page, we will
    access the session information we set on the first page ("demo_session1.php").
    • Notice that session variables are not passed individually to each new page, instead
    they are retrieved from the session we open at the beginning of each page
    (session_start()).
    • Also notice that all session variable values are stored in the global $_SESSION
    variable:
    • Example
    <?php session_start(); ?>
    <html> <body>
    <?php
    // Echo session variables that were set on previous page
    echo "Favorite color is " . $_SESSION["favcolor"] . ".<br>";
    echo "Favorite animal is " . $_SESSION["favanimal"] . ".";
    ?>
    </body> </html>

    By: Fiseha B.(Msc), Dec 2014,Dilla


    14
    University
    Example
    • Another way to show all • How does it work? How
    the session variable values does it know it's me?
    for a user session is to run Most sessions set a user-key
    the following code: on the user's computer that
    Showsession.php looks something like this:
    765487cf34ert8dede5a562e
    • Example 4f3a7e12.
    <?php session_start(); ?> • Then, when a session is
    <html> <body> opened on another page, it
    <?php scans the  computer for a
    print_r($_SESSION); user-key. If there is a match,
    ?> it accesses that session, if
    not, it starts a new session.
    </body> </html>
    By: Fiseha B.(Msc), Dec 2014,Dilla
    15
    University
    Modify a PHP Session Variable
    • To change a session variable, just overwrite it:
    • Example
    <?php
    session_start();
    ?>
    <html> <body>
    <?php
    // to change a session variable, just overwrite it
    $_SESSION["favcolor"] = "yellow";
    print_r($_SESSION);
    ?>
    </body> </html>
    By: Fiseha B.(Msc), Dec 2014,Dilla
    16
    University
    Destroy a PHP Session
    • To remove all global session variables and destroy the session, use
    session_unset() and session_destroy():
    • Example
    <?php
    session_start();
    ?>
    <html> <body>
    <?php
    // remove all session variables
    session_unset();

    // destroy the session


    session_destroy();
    ?>
    </body> </html>

    By: Fiseha B.(Msc), Dec 2014,Dilla


    17
    University
    Question?

    By: Fiseha B.(Msc), Dec 2014,Dilla


    18
    University

    You might also like