1. 1 Chapter 9 – Cookies, Sessions, FTP, Email and More spring into PHP 5 by Steven Holzner Slides were developed by Jack Davis College of Information Science and Technology Radford University

2. 2 PHP Sending Email The PHP installation has to include some specifications for how to send email, in particular the PHP initialization file must specify the connections to the email system. At RU, this has been done. To send email in a PHP script use the mail function. Mail(string to, string subject, string message, [,string additional_headers [, string additional_parameters]]) This sends an email to the email address in to, with subject subject and message message. You can also set additional mail headers and parameters to mail. $result = mail(steve@ispname.com, “Web mail”, $_REQUEST[“message”]); **message is retrieved from html form

3. 3 PHP Email w/Headers (mailinput.php)mailinput.php Additional email headers like the following may be specified. cc (“carbon copy”) bcc (“blind carbon copy”) These are set with the additional_headers parameter. $headers.= “cc:”. $_REQUEST[“cc”]. “\r\n”; $headers.= “bcc:”. $_REQUEST[“bcc”]. “\r\n”; $result = mail(“steve@chooseanisp.com”, “Web mail”, $_REQUEST[“message”], $headers);steve@chooseanisp.com Can also send email with attachments.

4. 4 PHP Cookies Cookies hold text that you can store on the user’s computer and retrieve later. They are set using the setcookie function. setcookie parameters: name - cookie name value - value to be stored on the client machine expire - time the cookie expires, set with PHP time function (1/1/70) path - path on the server on which the cookie will be available domain - domain for which the cookie is available secure - indicates that the cookie should only be transmitted via https.

5. 5 PHP Cookies Cookies are part of the HTTP headers sent to the browser, and so they must be sent before any other output from the PHP script. Calls to this function must occur before any other output from your script. This means calls to setcookie must occur before any other output including and tags. If some output exists before calling this function, setcookie may fail and return FALSE. …

6. 6 Getting Cookies After a cookie is set, it won't be visible to scripts until the next time a page is loaded. The cookie is sent from the server machine, so it won't be sent from the client to the server until the next time a request is sent by the client. Cookies are sent in the HTTP headers to the server from the client, then only if the request is for a page from the same domain that the cookie came from. After cookies are set, they can be accessed on the next page load with $_COOKIE array. Say a previous page set a cookie named message. Then it will be in the global array $_COOKIE. So, in the PHP script we have only to access the $_COOKIE array, however, we should check to see the cookie exists. if (isset($_COOKIE['message'])) { echo $_COOKIE['message']; }

7. 7 COOKIE Arrays Cookie names can also be set as array names and will be available to your PHP scripts as arrays. For example: setcookie("cookie[one]","no"); setcookie("cookie[two]","worries"); setcookie("cookie[three]","today."); After these cookies have been set, they could be read after the next request like this: if (isset($_COOKIE['cookie'])) { foreach ($_COOKIE['cookie'] as $data) { echo "$value "; } }

8. 8 Cookie Expiration Time You can also specify how long the cookie should exist on the user's machine. The cookie will be deleted when the user ends the current browser session (which usually means closing all browser windows). So, normally we'll want to specify how long a cookie should last by giving a value for the expire parameter. Normally, we use the time function which returns current time, then add the number of seconds we want the cookie to last. setcookie("mycookie", $value, time() + 3600); How long will this cookie last? Delete a Cookie just set the cookie's value to "" and call setcookie with the same parameters as the cookie was set with. When the value argument is set to an empty string, and all other arguments match a previous call, then the cookie will be deleted from the user's machine.

9. 9 PHP Sessions When clients are working with various pages in your web application, all the data in the various pages is reset to its original values when those pages are loaded. That means all the data is reinitialized between accesses. There are times when you want to retain data from a single client longer. To do this you can use cookies, hidden fields, or session variables. Sessions are designed to hold data on the server. Each user is given a cookie with his or her session ID, which means that PHP will be able to reinstate all the data in each user's session automatically, even over multiple page accesses. If the user has cookies turned off, PHP can encode the session ID in the URL.

10. 10 PHP Sessions (cont.) Using sessions, you can store and retrieve data by name. To work with a session, you start by calling session_start. To store data in the session, you use the $_SESSION array. session_start(); $_SESSION['color'] = "blue"; in a separate page you might: session_start(); $color = $_SESSION['color']; Session behavior is affected by many settings when PHP is installed. For example, session variable life is limited to the number of minutes specified for session.cache_expire, which can only be set during the PHP install. All data for a particular session will be stored in a file in the directory specified by the session.save_path item in the php.ini file. A file for each session will be created.