Chapter 6 Cookies and Sessions


Chapter 6 Cookies and Sessions Slide 1

CHAPTER 6:
Cookies and Sessions
Topics covered:
• Cookies
• Sessions

AMIT 2043 Web Systems and Technologies

Learning Outcomes
At the end of this chapter, you should be able to
• Use cookies to save state information
• Use sessions to save state information
• Write PHP login scripts to improve security
• Implement a simple online shopping store


Introduction
• Information about individual visits to a Web site is called state
information
• HTTP is a stateless technology – each individual HTML page is
an unrelated entity.
• PHP tools for storing persistent information about Web site
visits:
• Cookies
• Sessions


Introduction
• Some examples of the use of cookies and sessions:
• Customize individual Web pages based on user preferences
• Temporarily store information for a user as a browser
navigates within a multipart form
• Provide shopping carts that store order information
• Store user IDs and passwords
• Use counters to keep track of how many times
a user has visited a site


2. Cookies
• Cookies are small pieces of information about a user that are
stored by a Web server in text files on the user’s computer
• Temporary cookies remain available only for the current browser
session
• Persistent cookies remain available beyond the current browser
session and are stored in a text file on a client computer
• Users can choose whether to accept cookies that a script attempts
to write to their system
• Cookies are limited to about 4 KB of total data, and each browser
remembers a limited number of cookies (50 for most current
Web browsers) from any one site.


2.1 Setting Cookies (1)


• The syntax for the setcookie() function is:
setcookie(name [, value, expires, path, domain, secure, httponly])
name : unique name/key for the cookie
value : value to be associated with name
expires : when to expire the cookie (in milliseconds, defaults to the current browser session)
path : determines the availability of a cookie to other Web pages on a server
domain : browser will only return the cookie to URLs within this domain, defaults to the hostname
secure : require HTTPS for the cookie transaction [value of 1 (for TRUE) or 0 (for FALSE)]
httponly : a boolean used to make the cookie accessible only through HTTP (to enhance cookie security)

Examples:
setcookie('name', 'John', time()+3600, '/', '.yahoo.com', 0, 0);
setcookie('user_id', $id);


2.1 Setting Cookies (2)


• setcookie() function must be called before sending the Web
browser any output, including white space, HTML elements,
or output from the echo() or print() statements
<?php
setcookie('name', 'John Smith');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Shop and Buy</title>

• Cookies created with only the name and value arguments of
the setcookie() function are temporary cookies


2.2 Accessing Cookies


• Cookies that are available to the current Web page are
automatically assigned to the $_COOKIE superglobal

<?php // cookie1.php
setcookie('name', 'John Smith');
echo "Go to <a href='cookie2.php'>cookie2.php</a> to read it.";
?>

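<?php // cookie2.php
if (isset($_COOKIE['name'])) {
    // Cookie values come from the client, so escape them before output.
    $name = htmlspecialchars($_COOKIE['name'], ENT_QUOTES, 'UTF-8');
    echo "The value of the cookie is {$name}";
}
?>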


2.3 Deleting Cookies


• To delete a persistent cookie before the time assigned to
the expires argument elapses, assign a new expiration
value that is sometime in the past

setcookie ('name', '', time()-3600, '/', '', 0, 0);


Example : Implementing a Login Page using Cookies

If the account is verified to be valid, the browser is redirected to
another URL.

CookiesSessions\login_cookies.php
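
An added example, not taken from the slides or from login_cookies.php: a cookie such as user_id is stored on the user's computer and can be changed there, so a login script needs a way to tell whether the value it receives is the one it issued. The sketch below signs the value with HMAC-SHA256 and sends it with the secure and httponly arguments switched on; SECRET_KEY, the cookie name login and the function names are assumptions.

```php
<?php
// Added example (not from the original slides): a tamper-evident login cookie.
// SECRET_KEY is a constructed placeholder; keep the real key in server-side config.
const SECRET_KEY = 'constructed-demo-key-change-me';

// Build "user_id|expiry|hmac" so the server can detect edits made on the client.
function make_login_token(int $userId, int $expires): string
{
    $payload = $userId . '|' . $expires;
    return $payload . '|' . hash_hmac('sha256', $payload, SECRET_KEY);
}

// Return the user ID if the token is authentic and unexpired, otherwise null.
function verify_login_token(string $token, int $now): ?int
{
    $parts = explode('|', $token);
    if (count($parts) !== 3) {
        return null;
    }
    [$userId, $expires, $mac] = $parts;
    if (!ctype_digit($userId) || !ctype_digit($expires)) {
        return null;
    }
    $expected = hash_hmac('sha256', $userId . '|' . $expires, SECRET_KEY);
    // hash_equals() compares in constant time.
    if (!hash_equals($expected, $mac) || (int) $expires < $now) {
        return null;
    }
    return (int) $userId;
}

// Send the token as a persistent cookie with secure and httponly enabled.
function send_login_cookie(int $userId): bool
{
    $expires = time() + 3600;                      // Unix timestamp: now + 1 hour
    return setcookie('login', make_login_token($userId, $expires), [
        'expires' => $expires, 'path' => '/', 'secure' => true,
        'httponly' => true, 'samesite' => 'Lax',   // array form needs PHP 7.3+
    ]);
}

// Constructed demo: the issued token verifies, an edited user ID does not.
$token  = make_login_token(42, time() + 3600);
$edited = '1' . substr($token, 2);                 // "42|..." changed to "1|..."
var_dump(verify_login_token($token, time()));
var_dump(verify_login_token($edited, time()));
```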

3. Sessions
• A session refers to a period of activity when a PHP script stores
state information on a Web server
• Sessions allow one to maintain state information even when
clients disable cookies in their Web browsers
• Advantages of sessions:
  • As data is retained on the server, they are more secure
  • They allow for more data to be stored
• Advantages of cookies:
  • They are easier to program
  • They require less of the server


3.1 Setting Session Variables


• The session_start() function starts a new session or continues an existing
one. This line must be called before anything is sent to the Web browser.
<?php
session_start();
?>
• The session_start() function generates a unique session ID to identify the
session
• A session ID is a random string containing 32 hexadecimal characters
E.g.: 7f39d7dd020773f115d753c71290e11f
• The session_start() function creates a text file on the Web server that has the
same name as the session ID, preceded by sess_
• Session ID text files are stored in the Web server directory specified by the
session.save_path directive defined in the php.ini configuration file


3.2 Accessing Session Variables


• Session state information is stored in the $_SESSION superglobal
• Every PHP script that either sets or accesses session variables
must use the session_start() function.
<?php //session1.php
session_start();
$_SESSION['name'] = "John Smith";
echo "To access the session variable,
<a href='session2.php'> click here</a>.";
?>
<?php //session2.php
session_start();
if(isset($_SESSION['name'])){
echo "Welcome, {$_SESSION['name']}";
}
?>


3.3 Deleting Session Variables


• To delete a session manually, perform the following steps:
1. Execute the session_start() function
2. Use the array() construct to reinitialize the $_SESSION superglobal
3. Use the session_destroy() function to delete the session

<?php
session_start();
$_SESSION = array();
session_destroy();
?>


Example : Implementing an Online Shopping Store using Session (1)


• An online shopping store is a system that sells products over the
Internet
• Shopping cart – used to keep track of the products that a customer is
interested in
• An online store should generally allow a user to:
  • Search for certain products based on product names or descriptions.
  • Browse the list of products by category.
  • View a product’s details.
  • Add a product to the shopping cart
  • View the shopping cart
  • Manage the quantities of each product.
  • Check out and place an order.


Example : Implementing an Online Shopping Store using Session (2)

Browse the list of products
View a product’s details.
Add a product to the shopping cart


Example : Implementing an Online Shopping Store using Session (3)

View the shopping cart
Manage the quantities of each product.
Customer can continue to shop.


Example : Implementing an Online Shopping Store using Session (4)


Example : Implementing an Online Shopping Store using Session (5)


To manage the shopping cart, a session is used.
The $_SESSION['cart'] is a multidimensional associative array, with
print_id as the index. Each array value will be another array of 2
elements: the quantity of the print ordered and the price of that print.
Example of $_SESSION['cart'] for a particular customer:

print_id   quantity   price
4          3          50.00
1          10         300.00
2          5          900.00
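
An added example, not the course's onlineStore code: cart operations on the structure described above, with the print_id and quantity validated as integers and the price copied from server-side data instead of from the request. CATALOG is constructed sample data using the prices in the table; MAX_QTY and the function names are assumptions.

```php
<?php
// Added example, not from the slides. CATALOG is constructed sample data standing
// in for the products table; MAX_QTY and the function names are assumptions.
const CATALOG = [1 => 300.00, 2 => 900.00, 4 => 50.00];   // print_id => unit price
const MAX_QTY = 99;

// Validate a request value as an integer in [$min, $max]; null if invalid.
function int_in_range($raw, int $min, int $max): ?int
{
    $v = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => $min, 'max_range' => $max]]);
    return $v === false ? null : $v;
}

// Add one unit of a print. The price comes from the catalog, never from input.
function cart_add(array &$cart, $rawId): bool
{
    $id = int_in_range($rawId, 1, PHP_INT_MAX);
    if ($id === null || !array_key_exists($id, CATALOG)) {
        return false;                   // malformed or unknown print_id
    }
    $qty = min(($cart[$id]['quantity'] ?? 0) + 1, MAX_QTY);
    $cart[$id] = ['quantity' => $qty, 'price' => CATALOG[$id]];
    return true;
}

// Set a quantity; 0 removes the item, invalid input leaves the cart unchanged.
function cart_update(array &$cart, $rawId, $rawQty): bool
{
    $id  = int_in_range($rawId, 1, PHP_INT_MAX);
    $qty = int_in_range($rawQty, 0, MAX_QTY);
    if ($id === null || $qty === null || !isset($cart[$id])) {
        return false;
    }
    if ($qty === 0) { unset($cart[$id]); return true; }
    $cart[$id]['quantity'] = $qty;
    return true;
}

function cart_total(array $cart): float
{
    return array_sum(array_map(fn($i) => $i['quantity'] * $i['price'], $cart));
}

// Constructed demo; in a page, pass $_SESSION['cart'] after session_start().
$cart = [];
foreach ([4 => '3', 1 => '10', 2 => '5'] as $id => $qty) {
    cart_add($cart, $id);
    cart_update($cart, $id, $qty);
}
var_dump(cart_add($cart, 'abc'), cart_update($cart, 2, '-5'), cart_total($cart));
```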
