Chapter 10 Maintaining State Information Using Cookies
PHP Programming2 Understanding State Information State information State information –Information about individual visits to a Web site Stateless Stateless –Original design of HTTP –Every request for a Web page is a unique user session Maintaining state Maintaining state –Storing persistent information about Web site visits –May use hidden form fields, query strings, cookies or sessions
PHP Programming3 Maintaining State Information Customize individual Web pages based on user preferences Customize individual Web pages based on user preferences Temporarily store information for a user as a browser navigates within a multipart form Temporarily store information for a user as a browser navigates within a multipart form Keep track of how many times a user has visited a Web site Keep track of how many times a user has visited a Web site Provide shopping carts that store order information Provide shopping carts that store order information Store user IDs and passwords Store user IDs and passwords
PHP Programming4 Understanding State Information Figure 10-1 Skyward Aviation Frequent Flyer Web site page flow
Using Cookies to Save State Small pieces of information that can be exchanged between a client and a server Small pieces of information that can be exchanged between a client and a server Used to store state information beyond the current Web page session Used to store state information beyond the current Web page session Created by Netscape Created by Netscape
PHP Programming6 Using Cookies to Save State Temporary cookies Temporary cookies –Available only for the current browser session Persistent cookies Persistent cookies –Available beyond the current browser session –Stored in a text file on a client computer Limitations Limitations –A server or domain can not store more than 20 cookies on a user’s computer –Total cookies per browser cannot exceed 300 –The largest cookie size is 4 kilobytes
PHP Programming7 Creating Cookies setcookie() function setcookie() function setcookie(name [,value,expires, path, domain, secure]) setcookie(name [,value,expires, path, domain, secure]) Call setcookie() before sending the Web browser any output, including echo or print statements Call setcookie() before sending the Web browser any output, including echo or print statements Users may reject cookies Users may reject cookies –A value of true is returned even if a user rejects the cookie Only name is required Only name is required –use an empty string to omit value, path and domain –specify 0 to omit expires and secure arguments
PHP Programming8 name and value Cookies created with only the name and value arguments are temporary cookies Cookies created with only the name and value arguments are temporary cookies –Available for only the current browser session <?php setcookie(“name”, “Mickey Mouse”); ?> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “ “ <head> My Web Site My Web Site...
PHP Programming9 Creating Multiple Cookies The setcookie() function can be called multiple times to create additional cookies The setcookie() function can be called multiple times to create additional cookies setcookie("first", “Mickey"); setcookie("last", “Mouse"); setcookie("occupation", “actor");
PHP Programming10 The expires Argument Determines how long a cookie can remain on a client system before it is deleted Determines how long a cookie can remain on a client system before it is deleted If omitted, cookies are available for only the current browser session If omitted, cookies are available for only the current browser session To specify a cookie’s expiration time, use PHP’s time() function To specify a cookie’s expiration time, use PHP’s time() function setcookie(“name”, “Mickey”, time()+3600); setcookie(“name”, “Mickey”, time()+60*60*24*7); expires in one hour expires in one week
PHP Programming11 The path Argument The path argument determines the availability of a cookie to other Web pages on a server The path argument determines the availability of a cookie to other Web pages on a server –Allows cookies to be shared across a server A cookie is available to all Web pages in a specified path as well as all subdirectories in the specified path A cookie is available to all Web pages in a specified path as well as all subdirectories in the specified path setcookie(“name”, “Mickey”, time()+3600, “/marketing/”); setcookie(“name”, “Mickey”, time()+3600, “/”);
PHP Programming12 The domain Argument The domain argument is used for sharing cookies across multiple servers in the same domain The domain argument is used for sharing cookies across multiple servers in the same domain Cookies cannot be shared outside of a domain Cookies cannot be shared outside of a domain setcookie(“name”, “Mickey”, time()+3600, “/”, “.disney.com”);
PHP Programming13 The secure Argument Allows a cookie only to be transmitted across a secure Internet connection Allows a cookie only to be transmitted across a secure Internet connection –May use HTTPS or another security protocol Assign a value of 1 (for true) or 0 (for false) Assign a value of 1 (for true) or 0 (for false) setcookie(“name”, “Mickey”, time()+3600, “”, “”, 1);
PHP Programming14 Reading Cookies Cookies that are available to the current Web page are automatically assigned to the $_COOKIE autoglobal Cookies that are available to the current Web page are automatically assigned to the $_COOKIE autoglobal Use the cookie name as a key in the associative $_COOKIE[] array Use the cookie name as a key in the associative $_COOKIE[] array echo $_COOKIE['firstName']; Newly created cookies are not available until after the current Web page is reloaded Newly created cookies are not available until after the current Web page is reloaded –Part of HTTP header information –Sent from client to server when request is made
PHP Programming15 Reading Cookies To ensure that a cookie is set before you attempt to use it, use the isset() function To ensure that a cookie is set before you attempt to use it, use the isset() function setcookie("first", “Mickey"); setcookie("last", “Mouse"); setcookie("occupation", “actor"); if (isset($_COOKIE['first']) && isset($_COOKIE['last']) && isset($_COOKIE['last']) && isset($_COOKIE['occupation'])) && isset($_COOKIE['occupation'])) echo "{$_COOKIE['firstName']} {$_COOKIE['lastName']} echo "{$_COOKIE['firstName']} {$_COOKIE['lastName']} is a {$_COOKIE['occupation']}."; is a {$_COOKIE['occupation']}.";
PHP Programming16 Deleting Cookies To delete a cookie, call setcookie() with no value argument: To delete a cookie, call setcookie() with no value argument: –setcookie(“name”);
PHP Programming17 Fruit Enter your favorite fruit:  <?php if (!empty($_POST["fruit"])) { //make persistent cookie for one day setcookie("fruit",$_POST["fruit"], mktime()+60*60*24); } //redirect header("Location: showFruit.php"); ?> <?php if (isset($_COOKIE["fruit"])) echo "Your favorite fruit is ". $_COOKIE["fruit"]; else echo "I dunno your favorite fruit."; ?> getFruit.htm storeFruit.php showFruit.php
PHP Programming18 Example You set up a site and include a login, but don’t want to force the customer to log in every time they visit. You set up a site and include a login, but don’t want to force the customer to log in every time they visit. A cookie can be used to store customer login information and automatically log them in when they revisit the site. A cookie can be used to store customer login information and automatically log them in when they revisit the site.