Presentation is loading. Please wait.

Presentation is loading. Please wait.

PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies.

Published byJustin Wade Modified over 8 years ago

Similar presentations

Presentation on theme: "PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies."— Presentation transcript:

1 PHP: Further Skills 02 By Trevor Adams

2 Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies Sessions

3 Persistence – What is it? Broadly, it is a any mechanism that allows values from one page activity to be available on the next

4 Persistence – State Management So why do we need it? HTTP has no way of tracking a user’s visit to a web site HTTP simply responds to requests for resources Web applications demand more functionality than simple, static web pages can provide Data driven web sites often provide access to relatively sensitive data

5 Persistence – form fields Hidden form fields provide a simple way to maintain application state Simple to use HTML Generated by PHP statements Provides a useful way of processing data differently from one form. E.g. Editing and Adding a record can use the same form The action required can be determined from a hidden field named action The script that catches the post can query action and act appropriately

6 Persistence – Form fields Form fields have their disadvantages Have to be managed by the programmer Can be laborious on many forms Data has to be obfuscated if sensitive This is not ideal Remember – HTML is plain text Have to be sent to the server each round trip

7 Persistence – Query Strings Query allow the passing of variables through the URL E.g. http://example.web/product.php?id=1001 Multiple variables are declared using the ampersand (&) character E.g. /product.php?id=1001&order=asc Values can be accessed using the $_GET array This is used similar to the $_POST array E.g. from above example // prints 1001

8 Persistence – Query Strings Query strings are perfect for bookmarks They are part of the URL Can be given as direct links Query strings can persist through basic HTML elements E.g. Hyperlinks ( )

9 Persistence – Query Strings Query strings are not ideal in every situation All variables are visible in the URL Useless for sensitive data Some applications specific a 256 character URL limit (including the page) Easy target for unscrupulous people Useless for large input, such as web mail

10 Persistence – Basic Summary We can create persistent applications using skills we have already covered Hidden form elements Work just like other form elements They do not render on screen Query strings Append key=value pairs to a URL Accessible as $_GET array Visible in the URL

11 Persistence – Cookie time! Quick (perhaps dirty) way of persisting data using the client Can store data between visits to a site Stored as basic text files on the client machine Cookie data is sent to the server with each page request (providing the cookie is valid)

12 Persistence - Cookies Cookies have a bad reputation Over used Abused In general people do not trust cookies Often they do not know they are needed for the cool things they enjoy on a web site Possible poor use of cookies include: Tracking and reporting browsing habits Reporting products of interest to other web sites Many others

13 Persistence - Cookies Cookies should be used for the “Bells and Whistles” of a web site A web site should generally (try to at least) not rely on cookies to be completely functional For example, storing the user’s visual style preference If the cookie is not accepted, the site will still work

14 Persistence - Cookies PHP allows the programmer to set cookies The setcookie() function This function takes up to 6 parameters Name – required Value – required Expire – time in seconds that the cookie expires Path – path that the cookie is valid for (/tja1) Domain – domain that is valid (e.g. example.web) Secure – whether it requires HTTPS or not setcookie(“cssfile”, “style.css”, time()+1800);

15 Persistence – Cookie expiration The PHP time() function returns the current time measured in the number of seconds since the Unix Epoch (January 1 1970 00:00:00 GMT). Try time() + 1800 will expire the cookie in 30 minutes 60 seconds * 30 = 1800 We shall cover time and date functions in lab session

16 Persistence - Cookies Cookies are available on the subsequent page request from when they are set They are accessible via $_COOKIES array The cookie name is the array key Adding values directly to the cookie array will not create a cookie Must use set cookie function for this

17 Persistence - Cookies Calls to setcookie() must be called before any out put is sent to the browser Cookies are sent in the HTTP header <?php echo “Hello!”; setcookie(“style”, “myfile.css”, time()+1800); ?> Results in an error Output includes any data, including plain HTML that comes before the setcookie() call Do not store arrays in cookie variables They require special manipulation Stick to basic types, textual/numeric

18 Persistence – Cookie Summary Cookies are great for the ‘nice’ features Do not rely on them Not even in closed environments They are stored on the client Not stored securely Sent with each page request Can be transmitted securely

19 Persistence - Sessions Sessions are stored on the server Exist for the time a user starts to use your application to the time they finish Or you programmatically end the session (logout) Sessions are very simple to use PHP4 has built in functionality for sessions

20 Sessions – in use Call the function session_start(); before any output is sent to the browser $_SESSION array is used to store session variables Adding values to $_SESSION will automatically persist those values at the server side

21 Sessions – in use <?php session_start(); $_SESSION[“uname”] = “tja1”; ?> Subsequent page access <?php Session_start(); Echo $_SESSION[“uname”]; // prints “tja1” ?>

22 Sessions – Why use them? Store more complex data, such as arrays, easily Data is never involved in a round trip In some ways, more secure Although has security issues of a different nature Well out of the scope of this module

23 Sessions - Summary Persistence data Maintained on the server Needs to be initialised before output Allows the programmer to implement complex application functionality Probably the best choice to facilitate logins

24 Topics covered - summary Basic Persistence Query Strings Hidden form elements Cookies Client side storage Sent on every page request Not secure Access using $_COOKIES Sessions Server side variable storage Accessed using $_SESSIONS Avoids the client side storage Still suffers from server side attacks

25 Resources Use the PHP web site Search for time Search for session_start Search for setcookie

Download ppt "PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies."

Similar presentations

LIS651 lecture 3 taming PHP Thomas Krichel 2007-04-15.

LIS651 lecture 3 taming PHP Thomas Krichel
PHP I.

PHP I.
CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.

CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.
UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Chapter 10 Managing State Information PHP Programming with MySQL.

Chapter 10 Managing State Information PHP Programming with MySQL.
Session Management A290/A590, Fall 2014 09/25/2014.

Session Management A290/A590, Fall /25/2014.
Chapter 10 Maintaining State Information Using Cookies.

Chapter 10 Maintaining State Information Using Cookies.
Objectives Learn about state information

Objectives Learn about state information
 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.
PHP: Introduction By Trevor Adams.

PHP: Introduction By Trevor Adams.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.

Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
Www.dwteam.com 1 Forms for the Web Tom Muck www.dwteam.com.

1 Forms for the Web Tom Muck
PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.

PHP Tutorials 02 Olarik Surinta Management Information System Faculty of Informatics.
Advance Database Management Systems Lab no. 5 PHP Web Pages.

Advance Database Management Systems Lab no. 5 PHP Web Pages.
_______________________________________________________________________________________________________________ PHP Bible, 2 nd Edition1  Wiley and the.

_______________________________________________________________________________________________________________ PHP Bible, 2 nd Edition1  Wiley and the.
Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.

Introduction to PHP and Server Side Technology. Slide 2 PHP History Created in 1995 PHP 5.0 is the current version It’s been around since 2004.
INTERNET APPLICATION DEVELOPMENT For More visit:

INTERNET APPLICATION DEVELOPMENT For More visit:
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

Similar presentations

Ads by Google