Presentation on theme: "PHP and the Web: Session : 4. Predefined variables PHP provides a large number of predefined global variables to any script which it runs also called."— Presentation transcript:
PHP and the Web: Session : 4
Predefined variables PHP provides a large number of predefined global variables to any script which it runs also called superglobal or autoglobal
To be remembered A file upload form must content an encoding type. i.e
Restricting upload size PHP also requires that a hidden field be included before the file upload field. This should be called MAX_FILE_SIZE and should have a value representing the maximum size in bytes of the file that you are willing to accept.
Inside file upload When a file is successfully uploaded, it is given a unique name and stored in a temporary directory (/tmp on UNIX systems). The full path to this file becomes available to you in a global variable
Handling Uploaded Files PHP stores all the uploaded file information in the $_FILES autoglobal array. $_FILES['userfile']['name'] $_FILES['userfile']['type'] $_FILES['userfile']['size'] $_FILES['userfile']['tmp_name'] $_FILES['userfile']['error']
$_FILES['userfile']['name'] The original name of the file on the client machine.
$_FILES['userfile']['type'] The mime type of the file, if the browser provided this information. An example would be "image/gif"
$_FILES['userfile']['size'] The size, in bytes, of the uploaded file i.e $totsize = $_FILES[‘userfile’][‘size’]; echo ‘Total uplodaed file size’.$totsize;
$_FILES['userfile']['tmp_name'] The temporary filename of the file in which the uploaded file was stored on the server.
$_FILES['userfile']['error'] The error code associated with this file upload. ['error'] was added from PHP
A upload form Choose a file to upload:
Some caution Always check file type after uploading the files. Always check the extension of the file. Always use MAX_FILE_SIZE restricting the file upload size
Session Management Session management is a mechanism to maintain state about a series of requests from the same user across some period of time. for example, to store each user items while they are shopping a site.
separate session? Since TCP/IP has its own session why we need a seprate session handling?
Because.. HTTP is a stateless protocol. It means in every transition the server immediately disconnect the connection. It present a problem when it comes to maintaining information about users visiting a Web site.
user session, how it works? There must be unique identifier number for each user store in storage device. When the user return back they must have this number (session id) to identify to the server. So server can retrieved user information store in the storage device.
Session in client The session variables can be stored in client side using Cookie
Session info can be stored in Cookies Hidden fields URL Web server process memory Files Database
Starting a Session A PHP session is started explicitly by session_start() session_start(); print($counter); $counter++; session_register("counter");
Inside session_start(..) PHP checks whether a valid session ID exist. If there is no session ID, PHP creates a new ID. If a valid ID exists, the frozen variables of that session are reactivated and introduced back to the global namespace. In next visit, Checks whether session is generated or not. If session id found then update the session timeout time.
session_start(..) Put session_start(..) at top of every php script so that the page will remain the part of the each session.
Registering a session variable Registering a session variable is done through the session_register() command All variables you want to preserve across page requests must be registered to the session library with the session_register() function
example session_start(); print($counter); $counter++; session_register("counter"); $bar = "This is a string"; $foo = "bar"; session_register($foo);
Ending a Session You can force a session end with the command session_destroy().
the $_SESSION superglobal the $_SESSION superglobal User $_SESSION to access the registered variables.