Objectives Learn about state information

Presentation transcript:

Chapter 9 Managing State Information PHP Programming with MySQL 2nd Edition

Objectives
- Learn about state information
- Use hidden form fields to save state information
- Use query strings to save state information
- Use cookies to save state information
- Use sessions to save state information

Understanding State Information
- Information about individual visits to a Web site is called state information
- HTTP was originally designed to be stateless – Web browsers store no persistent data about a visit to a Web site
- Maintaining state means to store persistent information about Web site visits with hidden form fields, query strings, cookies, and sessions

Understanding State Information (continued)
- Customize individual Web pages based on user preferences
- Temporarily store information for a user as a browser navigates within a multipart form
- Allow a user to create bookmarks for returning to specific locations within a Web site
- Provide shopping carts that store order information

Understanding State Information (continued)
- Store user IDs and passwords
- Use counters to keep track of how many times a user has visited a site
- The four tools for maintaining state information with PHP are:
  - Hidden form fields
  - Query strings
  - Cookies
  - Sessions

Understanding State Information (continued)
Figure 9-1 College Internship Available Opportunities Web site page flow
Figure 9-2 Registration/Log In Web page
Figure 9-3 New Intern Registration Web page after successful registration
Figure 9-4 Verify Login Web Page for a successful login
Figure 9-5 The Available Opportunities Web page with the Intern information at top of screen

Using Hidden Form Fields to Save State Information
- Create hidden form fields with the <input> element
- Hidden form fields temporarily store data that needs to be sent to a server that a user does not need to see
- Examples include the result of a calculation
- The syntax for creating hidden form fields is:

    <input type="hidden">

Using Hidden Form Fields to Save State Information (continued)
- Hidden form field attributes are name and value
- When submitting a form to a PHP script, access the values submitted from the form with the $_GET[] and $_POST[] autoglobals
- To pass form values from one PHP script to another PHP script, store the values in hidden form fields

    echo "<form method='post' " . " action='AvailableOpportunities.php'>\n";
    echo "<input type='hidden' name='internID' " . " value='$InternID'>\n";
    echo "<input type='submit' name='submit' " . " value='View Available Opportunities'>\n";
    echo "</form>\n";

Using Query Strings to Save State Information
- A query string is a set of name=value pairs appended to a target URL
- Consists of a single text string containing one or more pieces of information
- Add a question mark (?) immediately after the URL followed by the query string that contains the information you want to preserve in name/value pairs

Using Query Strings to Save State Information (continued)
- Separate individual name=value pairs within the query string using ampersands (&)
- A question mark (?) and a query string are automatically appended to the URL of a server-side script for any forms that are submitted with the GET method

    <a href="http://www.example.com/TargetPage.php?firstName=Don&lastName=Gosselin&occupation=writer">Link Text</a>

Using Query Strings to Save State Information (continued)

    echo "{$_GET['firstName']} {$_GET['lastName']} is a {$_GET['occupation']}. ";

Figure 9-6 Output of the contents of a query string
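
Hidden form fields and query strings travel through the browser, so the receiving script cannot assume the value it gets back is the value it sent. The following is an added example, not code from the slides or the textbook: it signs the internID hidden field with an HMAC, rejects an edited value on the receiving page, and escapes query-string values before display. STATE_KEY, sign_state(), verify_state() and h() are hypothetical names and all sample values are constructed.

```php
<?php
// Added example, not from the slides. STATE_KEY, sign_state(), verify_state()
// and h() are hypothetical names; all sample values are constructed.

// Server-side secret (placeholder); load the real key from configuration.
const STATE_KEY = 'constructed-demo-key-change-me';

// Return "value.mac" so the server can detect any change made in the browser.
function sign_state(string $value): string
{
    return $value . '.' . hash_hmac('sha256', $value, STATE_KEY);
}

// Return the original value if the MAC verifies, or null if the token was altered.
function verify_state(string $token): ?string
{
    $pos = strrpos($token, '.');
    if ($pos === false) {
        return null;
    }
    $value    = substr($token, 0, $pos);
    $mac      = (string) substr($token, $pos + 1);
    $expected = hash_hmac('sha256', $value, STATE_KEY);
    // hash_equals() compares in constant time.
    return hash_equals($expected, $mac) ? $value : null;
}

// Escape anything that is written into HTML.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Page 1: the hidden field from the slide, now carrying the signed value.
$InternID = '42';                       // constructed sample value
$token    = sign_state($InternID);
echo "<input type='hidden' name='internID' value='" . h($token) . "'>\n";

// Page 2: what AvailableOpportunities.php would do with $_POST['internID'].
// Two constructed submissions: the untouched token and one edited to ID 43.
$tampered = '43' . substr($token, strlen($InternID));
foreach ([$token, $tampered] as $submitted) {
    $id = verify_state($submitted);
    if ($id === null || preg_match('/\A[0-9]+\z/', $id) !== 1) {
        echo "rejected: " . h($submitted) . "\n";
        continue;
    }
    echo "accepted intern ID " . h($id) . "\n";
}

// Query-string values are escaped before display.
// $query is a constructed stand-in for $_GET on TargetPage.php.
$query = ['firstName' => '<b>Don</b>', 'lastName' => 'Gosselin', 'occupation' => 'writer'];
echo h("{$query['firstName']} {$query['lastName']} is a {$query['occupation']}.") . "\n";
```

The signature protects integrity only: the value is still visible to the user, and a valid token can be replayed as long as the key is unchanged.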

Using Cookies to Save State Information
- Query strings do not permanently maintain state information
- After a Web page that reads a query string closes, the query string is lost
- To store state information beyond the current Web page session, Netscape created cookies
- Cookies, or magic cookies, are small pieces of information about a user that are stored by a Web server in text files on the user’s computer

Using Cookies to Save State Information (continued)
- Temporary cookies remain available only for the current browser session
- Persistent cookies remain available beyond the current browser session and are stored in a text file on a client computer
- Each individual server or domain can store between 20 and 70 cookies on a user’s computer
- Total cookies per browser cannot exceed 300
- The largest cookie size is 4 kilobytes

Creating Cookies
- The syntax for the setcookie() function is:

    setcookie(name [,value ,expires, path, domain, secure])

- You must pass each of the arguments in the order specified in the syntax
- To skip the value, path, and domain arguments, specify an empty string as the argument value
- To skip the expires and secure arguments, specify 0 as the argument value

Creating Cookies (continued)
- Call the setcookie() function before sending the Web browser any output, including white space, HTML elements, or output from the echo() or print() statements
- Users can choose whether to accept cookies that a script attempts to write to their system
- A value of TRUE is returned even if a user rejects the cookie

Creating Cookies (continued)
- Cookies cannot include semicolons or other special characters, such as commas or spaces, that are transmitted between Web browsers and Web servers using HTTP
- Cookies can include special characters when created with PHP since encoding converts special characters in a text string to their corresponding hexadecimal ASCII value

The name and value Arguments
- Cookies created with only the name and value arguments of the setcookie() function are temporary cookies because they are available for only the current browser session

    <?php setcookie("firstName", "Don"); ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title>College Internships</title>
    ...

The name and value Arguments (continued)
- The setcookie() function can be called multiple times to create additional cookies – as long as the setcookie() statements come before any other output on a Web page

    setcookie("firstName", "Don");
    setcookie("lastName", "Gosselin");
    setcookie("occupation", "writer");

The name and value Arguments (continued)
- The following code creates an indexed cookie array named professional[] that contains three cookie values:

    // Numeric indexes in the cookie name become elements of $_COOKIE['professional']
    setcookie("professional[0]", "Don");
    setcookie("professional[1]", "Gosselin");
    setcookie("professional[2]", "writer");

The name and value Arguments (continued)
- The following code creates an associative cookie array named professional[] that contains three cookie values:

    // Keys go inside the brackets without quotes; quotes would become part of the key
    setcookie("professional[firstName]", "Don");
    setcookie("professional[lastName]", "Gosselin");
    setcookie("professional[occupation]", "writer");

The expires Argument
- The expires argument determines how long a cookie can remain on a client system before it is deleted
- Cookies created without an expires argument are available for only the current browser session
- To specify a cookie’s expiration time, use PHP’s time() function

    setcookie("firstName", "Don", time()+3600);

The path Argument
- The path argument determines the availability of a cookie to other Web pages on a server
- Using the path argument allows cookies to be shared across a server
- A cookie is available to all Web pages in a specified path as well as all subdirectories in the specified path

    setcookie("firstName", "Don", time()+3600, "/marketing/");

The domain Argument
- The domain argument is used for sharing cookies across multiple servers in the same domain
- Cookies cannot be shared outside of a domain

    setcookie("firstName", "Don", time()+3600, "/", ".gosselin.com");

The secure Argument
- The secure argument indicates that a cookie can only be transmitted across a secure Internet connection using HTTPS or another security protocol
- To use this argument, assign a value of 1 (for TRUE) or 0 (for FALSE) as the last argument of the setcookie() function

    setcookie("firstName", "Don", time()+3600, "/", ".gosselin.com", 1);

Reading Cookies
- Cookies that are available to the current Web page are automatically assigned to the $_COOKIE autoglobal
- Access each cookie by using the cookie name as a key in the associative $_COOKIE[] array

    echo $_COOKIE['firstName'];

- Newly created cookies are not available until after the current Web page is reloaded

Reading Cookies (continued)
- To ensure that a cookie is set before you attempt to use it, use the isset() function

    setcookie("firstName", "Don");
    setcookie("lastName", "Gosselin");
    setcookie("occupation", "writer");
    if (isset($_COOKIE['firstName'])
        && isset($_COOKIE['lastName'])
        && isset($_COOKIE['occupation']))
        echo "{$_COOKIE['firstName']} {$_COOKIE['lastName']} is a {$_COOKIE['occupation']}.";

Reading Cookies (continued)
- Use multidimensional array syntax to read each cookie value

    setcookie("professional[0]", "Don");
    setcookie("professional[1]", "Gosselin");
    setcookie("professional[2]", "writer");
    if (isset($_COOKIE['professional']))
        echo "{$_COOKIE['professional'][0]} {$_COOKIE['professional'][1]} is a {$_COOKIE['professional'][2]}.";

Deleting Cookies
- To delete a persistent cookie before the time assigned to the expires argument elapses, assign a new expiration value that is sometime in the past
- Do this by subtracting any number of seconds from the time() function

    setcookie("firstName", "", time()-3600);
    setcookie("lastName", "", time()-3600);
    setcookie("occupation", "", time()-3600);
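
A browser treats cookies with the same name but a different path or domain as separate cookies, so a cookie created with "/marketing/" and ".gosselin.com" is only deleted by a setcookie() call that repeats those two arguments. The following is an added example, not code from the slides or the textbook: it keeps the scope in one place for create and delete, sets the secure flag together with the httponly and samesite options, and validates the value on read because $_COOKIE is supplied by the browser. STATE_COOKIE_SCOPE and the three helper names are hypothetical, and the options-array form of setcookie() assumes PHP 7.3 or later.

```php
<?php
// Added example, not from the slides. STATE_COOKIE_SCOPE and the helper
// names are hypothetical. The options-array form needs PHP 7.3 or later.

// One definition of the cookie's scope, so create and delete always agree.
const STATE_COOKIE_SCOPE = [
    'path'     => '/marketing/',
    'domain'   => '.gosselin.com',
    'secure'   => true,    // only sent over HTTPS
    'httponly' => true,    // not readable from page scripts
    'samesite' => 'Lax',   // withheld on most cross-site requests
];

// Create a temporary cookie ($lifetime = 0) or a persistent one ($lifetime > 0 seconds).
function set_state_cookie(string $name, string $value, int $lifetime = 0): bool
{
    $options = STATE_COOKIE_SCOPE;
    $options['expires'] = $lifetime > 0 ? time() + $lifetime : 0;
    return setcookie($name, $value, $options);
}

// Delete the cookie: empty value, expiry in the past, and the SAME path and domain.
function delete_state_cookie(string $name): bool
{
    $options = STATE_COOKIE_SCOPE;
    $options['expires'] = time() - 3600;
    unset($_COOKIE[$name]);            // also forget it for the rest of this request
    return setcookie($name, '', $options);
}

// Read a cookie only if it is a plain string that matches the expected pattern.
// A name such as professional[0] arrives as an array, which is_string() rejects.
function read_state_cookie(string $name, string $pattern, string $default = ''): string
{
    $raw = $_COOKIE[$name] ?? null;
    if (!is_string($raw) || preg_match($pattern, $raw) !== 1) {
        return $default;
    }
    return $raw;
}

// Usage in a page, before any output is sent.
if (isset($_GET['forget'])) {
    delete_state_cookie('firstName');
} else {
    set_state_cookie('firstName', 'Don', 3600);
}
$first = read_state_cookie('firstName', '/\A[A-Za-z -]{1,40}\z/');
echo htmlspecialchars($first, ENT_QUOTES, 'UTF-8');
```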

Using Sessions to Save State Information
- Spyware gathers user information from a local computer for marketing and advertising purposes without the user’s knowledge
- A session refers to a period of activity when a PHP script stores state information on a Web server
- Sessions allow you to maintain state information even when clients disable cookies in their Web browsers

Starting a Session
- The session_start() function starts a new session or continues an existing one
- The session_start() function generates a unique session ID to identify the session
- A session ID is a random alphanumeric string that looks something like: 7f39d7dd020773f115d753c71290e11f
- The session_start() function creates a text file on the Web server that is the same name as the session ID, preceded by sess_

Starting a Session (continued)
- Session ID text files are stored in the Web server directory specified by the session.save_path directive in your php.ini configuration file
- The session_start() function does not accept any arguments, nor does it return a value that you can use in your script

    <?php
    session_start();
    ...

Starting a Session (continued)
- You must call the session_start() function before you send the Web browser any output
- If a client’s Web browser is configured to accept cookies, the session ID is assigned to a temporary cookie named PHPSESSID
- Pass the session ID as a query string or hidden form field to any Web pages that are called as part of the current session

Starting a Session (continued)

    <?php
    session_start();
    ...
    ?>
    <p><a href='<?php echo "Occupation.php?PHPSESSID=" . session_id() ?>'>Occupation</a></p>

Working with Session Variables
- Session state information is stored in the $_SESSION autoglobal
- When the session_start() function is called, PHP either initializes a new $_SESSION autoglobal or retrieves any variables for the current session (based on the session ID) into the $_SESSION autoglobal

Working with Session Variables (continued)

    <?php
    session_start();
    $_SESSION['firstName'] = "Don";
    $_SESSION['lastName'] = "Gosselin";
    $_SESSION['occupation'] = "writer";
    ?>
    <p><a href='<?php echo "Occupation.php?PHPSESSID=" . session_id() ?>'>Occupation</a></p>

Working with Session Variables (continued)
- Use the isset() function to ensure that a session variable is set before you attempt to use it

    <?php
    session_start();
    if (isset($_SESSION['firstName'])
        && isset($_SESSION['lastName'])
        && isset($_SESSION['occupation']))
        echo "<p>" . $_SESSION['firstName'] . " " . $_SESSION['lastName'] . " is a " . $_SESSION['occupation'] . "</p>";
    ?>

Deleting a Session
- To delete a session manually, perform the following steps:
  1. Execute the session_start() function
  2. Use the array() construct to reinitialize the $_SESSION autoglobal
  3. Use the session_destroy() function to delete the session

Deleting a Session (continued)

    <?php
    session_start();
    $_SESSION = array();
    session_destroy();
    ?>
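
A session ID placed in a URL, as in the Occupation.php link earlier, ends up in browser history, server logs and Referer headers, and the three deletion steps above remove the server-side data but leave the PHPSESSID cookie in the browser. The following is an added example, not code from the slides or the textbook: it starts the session with the ID accepted from the cookie only, issues a fresh ID at login, and expires the cookie as part of deletion. The three function names are hypothetical, the internID value is constructed, and the array forms of session_set_cookie_params() and setcookie() assume PHP 7.3 or later.

```php
<?php
// Added example, not from the slides. start_state_session(), mark_logged_in()
// and end_state_session() are hypothetical names. Needs PHP 7.3 or later.

function start_state_session(): void
{
    // Take the session ID from the cookie only, never from ?PHPSESSID=... in a URL,
    // and refuse IDs that this server did not issue.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    ini_set('session.use_strict_mode', '1');
    session_set_cookie_params([
        'lifetime' => 0,       // temporary cookie, as on the slide
        'path'     => '/',
        'secure'   => true,    // HTTPS only
        'httponly' => true,    // not readable from page scripts
        'samesite' => 'Lax',
    ]);
    session_start();
}

function mark_logged_in(string $internID): void
{
    // Issue a new session ID when the user's privileges change and
    // delete the old session file, so an ID known before login is useless.
    session_regenerate_id(true);
    $_SESSION['internID'] = $internID;
}

function end_state_session(): void
{
    // Step 2 from the slide: clear the session variables.
    $_SESSION = array();

    // Extra step: expire the session cookie, using the same scope it was set with.
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', [
            'expires'  => time() - 3600,
            'path'     => $p['path'],
            'domain'   => $p['domain'],
            'secure'   => $p['secure'],
            'httponly' => $p['httponly'],
            'samesite' => $p['samesite'],
        ]);
    }

    // Step 3 from the slide: delete the session data on the server.
    session_destroy();
}

// Usage in a page, before any output is sent.
start_state_session();
if (isset($_POST['logout'])) {
    end_state_session();
} elseif (!isset($_SESSION['internID'])) {
    // Constructed value; call this only after the login has been verified.
    mark_logged_in('42');
}
```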

Summary
- Information about individual visits to a Web site is called state information. Maintaining state means to store persistent information about Web site visits
- To pass form values from one PHP script to another, you can store the values in hidden form fields, which are submitted along with other types of form fields
- One way to preserve information following a user’s visit to a Web page is to append a query string to the end of a URL. To pass information from one Web page to another using a query string, add a question mark (?) immediately after a URL, followed by the query string containing the information you want to preserve in name/value pairs.
- Cookies, also called magic cookies, are small pieces of information about a user that are stored by a Web server in text files on the user’s computer. Cookies can be temporary or persistent.
  - Temporary cookies remain available only for the current browser session
  - Persistent cookies remain available beyond the current browser session and are stored in a text file on a client computer
- You use the setcookie() function to create cookies in PHP. You must call the setcookie() function before you send the Web browser any output, including white space, HTML elements, or output from the echo or print statements.
- Cookies created with only the name and value arguments of the setcookie() function are temporary cookies, because they are available for only the current browser session
- For a cookie to persist beyond the current browser session, you must use the expires argument with the setcookie() function
- The path argument of the setcookie() function determines the availability of a cookie to other Web pages on a server
- The secure argument of the setcookie() function indicates that a cookie can only be transmitted across a secure Internet connection using HTTPS or another security protocol
- To delete a persistent cookie before the time elapses in the assigned expires argument, assign a new expiration value to a time in the past and clear the value. You do this by subtracting any number of seconds from the time() function and setting the value of the cookie to the empty string.
- Sessions refer to periods of activity when a PHP script stores state information on a Web server. When you start a new session, the session_start() function generates a unique session ID to identify the session. If a client’s Web browser is configured to accept cookies, the session ID is assigned to a temporary cookie named PHPSESSID.
- You must call the session_start() function before you send the Web browser any output, including white space, HTML elements, or output from the echo or print statements
- You store session state information in the $_SESSION[] autoglobal
- To delete a session, execute the session_start() function, use the array() construct to reinitialize the $_SESSION[] autoglobal and call the session_destroy() function