SlideShare une entreprise Scribd logo

Sessions and cookies

www.netgains.org
www.netgains.org

Learn sessions & cookies , why & how they use

Technologie
1  sur  24
Cookies and Sessions in PHP
Why Cookies and Sessions are Used?  HTTP is a stateless protocol. This means that each request is handled independently of all the other requests and it means that a server or a script cannot remember if a user has been there before.  However, knowing if a user has been there before is often required and therefore something known as cookies and sessions have been implemented.
What is a Cookie?  A cookie is a piece of text that a Web server can store on a user's hard disk.  A cookie is a variable, sent by the server to the browser.  Cookies allow a Web site to store information on a user's machine and later retrieve it. The pieces of information are stored as name-value pairs.
What is a Cookie?  Each cookie on the user’s computer is connected to a particular domain.  Each time the same computer requests a page with a browser, it will send the cookie too.  Each cookie can store up to 4kB of data.  A maximum of 20 cookies can be stored on a user’s PC per domain.
When are Cookies Created?  When a new webpage is loaded - for example after a 'submit' button is pressed the data handling page would be responsible for storing the values in a cookie.  If the user has elected to disable cookies then the write operation will fail, and subsequent sites which rely on the cookie will either have to take a default action.
Example (1) 1. User sends a request for page at www.example.com for the first time. page request
Example (2) 2. Server sends back the page html to the browser AND stores some data in a cookie on the user’s PC. html cookie data
Example (1) 3. At the next page request for domain www.example.com, all cookie data associated with this domain is sent too. page request cookie data
What's in a Cookie?  Each cookie is effectively a small lookup table containing pairs of (key, data) values - for example (firstname, John) (lastname,Peter).  Once the cookie has been read by the code on the server or client computer, the data can be retrieved and used to customise the web page appropriately.
Set a cookie setcookie(name [,value [,expire [,path [,domain [,secure]]]]]) name = cookie name value = data to store (string) expire = UNIX timestamp when the cookie expires. Default is that cookie expires when browser is closed. path = Path on the server within and below which the cookie is available on. domain = Domain at which the cookie is available for. secure = If cookie should be sent over HTTPS connection only. Default false.
Set a cookie - examples setcookie(‘name’,’Robert’) This command will set the cookie called name on the user’s PC containing the data Robert. It will be available to all pages in the same directory or subdirectory of the page that set it (the default path and domain). It will expire and be deleted when the browser is closed (default expire).
Set a cookie - examples setcookie(‘age’,’20’,time()+60*60*24*30) This command will set the cookie called age on the user’s PC containing the data 20. It will be available to all pages in the same directory or subdirectory of the page that set it (the default path and domain). It will expire and be deleted after 30 days.
Set a cookie - examples setcookie(‘gender’,’male’,0,’/’) This command will set the cookie called gender on the user’s PC containing the data male. It will be available within the entire domain that set it. It will expire and be deleted when the browser is closed.
Read cookie data  All cookie data is available through the superglobal $_COOKIE: $variable = $_COOKIE[‘cookie_name’] or $variable = $HTTP_COOKIE_VARS[‘cookie_name’]; e.g. $age = $_COOKIE[‘age’]
Delete a cookie  To remove a cookie, simply overwrite the cookie with a new one with an expiry time in the past… setcookie(‘cookie_name’,’’,time()-6000)  Note that theoretically any number taken away from the time() function should do, but due to variations in local computer times, it is advisable to use a day or two.
Problems with Cookies  Browsers can refuse to accept cookies.  Additionally, it adds network overhead to send lots of information back and forth.  There are also limits to the amount of information that can be sent  Some information you just don’t want to save on the client’s computer.
Sessions  A Session allows to store user information on the server for later use (i.e. username, shopping cart items, etc).  However, this session information is temporary and is usually deleted very quickly after the user has left the website that uses sessions.  Session variables hold information about one single user, and are available to all pages in one application.
How Session Works?  Sessions work by creating a unique identification(UID) number for each visitor and storing variables based on this ID.  This helps to prevent two users data from getting confused with one another when visiting the same webpage.  The UID is either stored in a cookie or is propagated in the URL.
Starting a PHP Session  Before you can store user information in your PHP session, you must first start up the session.  The session_start() function must appear BEFORE the <html> tag.  <?php session_start(); ?> <html> <body> </body> </html>
Storing a Session Variable  The correct way to store and retrieve session variables is to use the PHP $_SESSION variable.  <?php session_start(); // store session data $_SESSION['views']=1; ?> <html> <body </body> </html>
Retrieving a Session Variable  <html> <body> <?php //retrieve session data echo "Pageviews=". $_SESSION['views']; ?> </body> </html>  Display: Pageviews = 1
Destroying a Session  The unset() function is used to free the specified session variable.  <?php unset($_SESSION['views']); ?>  You can also completely destroy the session by calling the session_destroy() function:  <?php session_destroy(); ?>  session_destroy() will reset your session and you will lose all your stored session data.
Cookies vs. Sessions Cookies Sessions  Sessions are stored on server  Cookies are stored on client side side  Cookies can only store strings.  Sessions can store objects.  Cookies can be set to a long  When users close their browser, lifespan. they also lost the session.
Thanks!

Recommandé

Cookies & Session
Cookies & SessionCookies & Session
Cookies & Session
university of education,Lahore
 
Cookies and sessions
Cookies and sessionsCookies and sessions
Cookies and sessions
Lena Petsenchuk
 
Cookies and sessions
Cookies and sessionsCookies and sessions
Cookies and sessions
Sukrit Gupta
 
Sessions in php
Sessions in php Sessions in php
Sessions in php
Mudasir Syed
 
Database Connectivity in PHP
Database Connectivity in PHPDatabase Connectivity in PHP
Database Connectivity in PHP
Taha Malampatti
 
Cookie and session
Cookie and sessionCookie and session
Cookie and session
Aashish Ghale
 
Jsp ppt
Jsp pptJsp ppt
Jsp ppt
Vikas Jagtap
 
Basics of JavaScript
Basics of JavaScriptBasics of JavaScript
Basics of JavaScript
Bala Narayanan
 

Recommandé

Cookies & Session
Cookies & SessionCookies & Session
Cookies & Session
university of education,Lahore
 
Cookies and sessions
Cookies and sessionsCookies and sessions
Cookies and sessions
Lena Petsenchuk
 
Cookies and sessions
Cookies and sessionsCookies and sessions
Cookies and sessions
Sukrit Gupta
 
Sessions in php
Sessions in php Sessions in php
Sessions in php
Mudasir Syed
 
Database Connectivity in PHP
Database Connectivity in PHPDatabase Connectivity in PHP
Database Connectivity in PHP
Taha Malampatti
 
Cookie and session
Cookie and sessionCookie and session
Cookie and session
Aashish Ghale
 
Jsp ppt
Jsp pptJsp ppt
Jsp ppt
Vikas Jagtap
 
Basics of JavaScript
Basics of JavaScriptBasics of JavaScript
Basics of JavaScript
Bala Narayanan
 
PHP - Introduction to PHP Cookies and Sessions
PHP - Introduction to PHP Cookies and SessionsPHP - Introduction to PHP Cookies and Sessions
PHP - Introduction to PHP Cookies and Sessions
Vibrant Technologies & Computers
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
Amit Tyagi
 
MYSQL - PHP Database Connectivity
MYSQL - PHP Database ConnectivityMYSQL - PHP Database Connectivity
MYSQL - PHP Database Connectivity
V.V.Vanniaperumal College for Women
 
Ajax and Jquery
Ajax and JqueryAjax and Jquery
Ajax and Jquery
People Strategists
 
Java Servlets
Java ServletsJava Servlets
Java Servlets
BG Java EE Course
 
jQuery for beginners
jQuery for beginnersjQuery for beginners
jQuery for beginners
Arulmurugan Rajaraman
 
Remote Method Invocation (RMI)
Remote Method Invocation (RMI)Remote Method Invocation (RMI)
Remote Method Invocation (RMI)
Peter R. Egli
 
PHP Cookies and Sessions
PHP Cookies and SessionsPHP Cookies and Sessions
PHP Cookies and Sessions
Nisa Soomro
 
Document Type Definition (DTD)
Document Type Definition (DTD)Document Type Definition (DTD)
Document Type Definition (DTD)
International Institute of Information Technology (I²IT)
 
Java Server Pages
Java Server PagesJava Server Pages
Java Server Pages
Kasun Madusanke
 
Network programming in Java
Network programming in JavaNetwork programming in Java
Network programming in Java
Tushar B Kute
 
Java Server Pages(jsp)
Java Server Pages(jsp)Java Server Pages(jsp)
Java Server Pages(jsp)
Manisha Keim
 
Servlet and servlet life cycle
Servlet and servlet life cycleServlet and servlet life cycle
Servlet and servlet life cycle
Dhruvin Nakrani
 
Introduction to HTML5 Canvas
Introduction to HTML5 CanvasIntroduction to HTML5 Canvas
Introduction to HTML5 Canvas
Mindy McAdams
 
ASP.NET Page Life Cycle
ASP.NET Page Life CycleASP.NET Page Life Cycle
ASP.NET Page Life Cycle
Abhishek Sur
 
Java Networking
Java NetworkingJava Networking
Java Networking
Sunil OS
 
Asynchronous JavaScript & XML (AJAX)
Asynchronous JavaScript & XML (AJAX)Asynchronous JavaScript & XML (AJAX)
Asynchronous JavaScript & XML (AJAX)
Adnan Sohail
 
JavaScript - Chapter 12 - Document Object Model
JavaScript - Chapter 12 - Document Object Model JavaScript - Chapter 12 - Document Object Model
JavaScript - Chapter 12 - Document Object Model
WebStackAcademy
 
PHP Form Validation Technique
PHP Form Validation TechniquePHP Form Validation Technique
PHP Form Validation Technique
Morshedul Arefin
 
Cookie & Session In ASP.NET
Cookie & Session In ASP.NETCookie & Session In ASP.NET
Cookie & Session In ASP.NET
ShingalaKrupa
 
Web Cookies
Web CookiesWeb Cookies
Web Cookies
apwebco
 
Hypertext
HypertextHypertext
Hypertext
patrickalfredwaluchio
 

Contenu connexe

Tendances

Remote Method Invocation (RMI)
Remote Method Invocation (RMI)Remote Method Invocation (RMI)
Remote Method Invocation (RMI)
Peter R. Egli
 
JavaScript - Chapter 12 - Document Object Model
JavaScript - Chapter 12 - Document Object Model JavaScript - Chapter 12 - Document Object Model
JavaScript - Chapter 12 - Document Object Model
WebStackAcademy
 
Cookie & Session In ASP.NET
Cookie & Session In ASP.NETCookie & Session In ASP.NET
Cookie & Session In ASP.NET
ShingalaKrupa
 

Tendances (20)

PHP - Introduction to PHP Cookies and Sessions
PHP - Introduction to PHP Cookies and SessionsPHP - Introduction to PHP Cookies and Sessions
PHP - Introduction to PHP Cookies and Sessions
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
MYSQL - PHP Database Connectivity
MYSQL - PHP Database ConnectivityMYSQL - PHP Database Connectivity
MYSQL - PHP Database Connectivity
 
Ajax and Jquery
Ajax and JqueryAjax and Jquery
Ajax and Jquery
 
Java Servlets
Java ServletsJava Servlets
Java Servlets
 
jQuery for beginners
jQuery for beginnersjQuery for beginners
jQuery for beginners
 
Remote Method Invocation (RMI)
Remote Method Invocation (RMI)Remote Method Invocation (RMI)
Remote Method Invocation (RMI)
 
PHP Cookies and Sessions
PHP Cookies and SessionsPHP Cookies and Sessions
PHP Cookies and Sessions
 
Document Type Definition (DTD)
Document Type Definition (DTD)Document Type Definition (DTD)
Document Type Definition (DTD)
 
Java Server Pages
Java Server PagesJava Server Pages
Java Server Pages
 
Network programming in Java
Network programming in JavaNetwork programming in Java
Network programming in Java
 
Java Server Pages(jsp)
Java Server Pages(jsp)Java Server Pages(jsp)
Java Server Pages(jsp)
 
Servlet and servlet life cycle
Servlet and servlet life cycleServlet and servlet life cycle
Servlet and servlet life cycle
 
Introduction to HTML5 Canvas
Introduction to HTML5 CanvasIntroduction to HTML5 Canvas
Introduction to HTML5 Canvas
 
ASP.NET Page Life Cycle
ASP.NET Page Life CycleASP.NET Page Life Cycle
ASP.NET Page Life Cycle
 
Java Networking
Java NetworkingJava Networking
Java Networking
 
Asynchronous JavaScript & XML (AJAX)
Asynchronous JavaScript & XML (AJAX)Asynchronous JavaScript & XML (AJAX)
Asynchronous JavaScript & XML (AJAX)
 
JavaScript - Chapter 12 - Document Object Model
JavaScript - Chapter 12 - Document Object Model JavaScript - Chapter 12 - Document Object Model
JavaScript - Chapter 12 - Document Object Model
 
PHP Form Validation Technique
PHP Form Validation TechniquePHP Form Validation Technique
PHP Form Validation Technique
 
Cookie & Session In ASP.NET
Cookie & Session In ASP.NETCookie & Session In ASP.NET
Cookie & Session In ASP.NET
 

En vedette

Web Cookies
Web CookiesWeb Cookies
Web Cookies
apwebco
 
Cookies PowerPoint
Cookies PowerPointCookies PowerPoint
Cookies PowerPoint
emurfield
 

En vedette (7)

Web Cookies
Web CookiesWeb Cookies
Web Cookies
 
Hypertext
HypertextHypertext
Hypertext
 
Presentation on Internet Cookies
Presentation on Internet CookiesPresentation on Internet Cookies
Presentation on Internet Cookies
 
Hypertext, hypermedia and multimedia
Hypertext, hypermedia and multimediaHypertext, hypermedia and multimedia
Hypertext, hypermedia and multimedia
 
Javascript
JavascriptJavascript
Javascript
 
Cookies PowerPoint
Cookies PowerPointCookies PowerPoint
Cookies PowerPoint
 
Cookies!
Cookies!Cookies!
Cookies!
 

Similaire à Sessions and cookies

Web app development_cookies_sessions_14
Web app development_cookies_sessions_14Web app development_cookies_sessions_14
Web app development_cookies_sessions_14
Hassen Poreya
 
19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx
ssuser4a97d3
 
Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)
Chhom Karath
 
Cookies and sessions
Cookies and sessionsCookies and sessions
Cookies and sessions
salissal
 

Similaire à Sessions and cookies (20)

PHP-Cookies-Sessions.pdf
PHP-Cookies-Sessions.pdfPHP-Cookies-Sessions.pdf
PHP-Cookies-Sessions.pdf
 
Php ssession - cookies -introduction
Php ssession - cookies -introductionPhp ssession - cookies -introduction
Php ssession - cookies -introduction
 
Web app development_cookies_sessions_14
Web app development_cookies_sessions_14Web app development_cookies_sessions_14
Web app development_cookies_sessions_14
 
4.4 PHP Session
4.4 PHP Session4.4 PHP Session
4.4 PHP Session
 
Lecture8 php page control by okello erick
Lecture8 php page control by okello erickLecture8 php page control by okello erick
Lecture8 php page control by okello erick
 
javaScriptCookies.pptx
javaScriptCookies.pptxjavaScriptCookies.pptx
javaScriptCookies.pptx
 
19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx19_JavaScript - Storage_Cookies-tutorial .pptx
19_JavaScript - Storage_Cookies-tutorial .pptx
 
Lecture 11 - PHP - Part 5 - CookiesSessions.ppt
Lecture 11 - PHP - Part 5 - CookiesSessions.pptLecture 11 - PHP - Part 5 - CookiesSessions.ppt
Lecture 11 - PHP - Part 5 - CookiesSessions.ppt
 
PHP COOKIES AND SESSIONS
PHP COOKIES AND SESSIONSPHP COOKIES AND SESSIONS
PHP COOKIES AND SESSIONS
 
Session,cookies
Session,cookiesSession,cookies
Session,cookies
 
Cookies
CookiesCookies
Cookies
 
ASP.NET-Web Programming - Sessions and Cookies
ASP.NET-Web Programming - Sessions and CookiesASP.NET-Web Programming - Sessions and Cookies
ASP.NET-Web Programming - Sessions and Cookies
 
Manish
ManishManish
Manish
 
Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)
 
Introduction to php web programming - sessions and cookies
Introduction to php web programming - sessions and cookiesIntroduction to php web programming - sessions and cookies
Introduction to php web programming - sessions and cookies
 
Cookies and sessions
Cookies and sessionsCookies and sessions
Cookies and sessions
 
Sessions n cookies
Sessions n cookiesSessions n cookies
Sessions n cookies
 
lecture 12.pptx
lecture 12.pptxlecture 12.pptx
lecture 12.pptx
 
Cookies-PHP
Cookies-PHPCookies-PHP
Cookies-PHP
 
Cookies and Session
Cookies and SessionCookies and Session
Cookies and Session
 

Plus de www.netgains.org

Introduction to wordpress & theme implementation
Introduction to wordpress & theme implementationIntroduction to wordpress & theme implementation
Introduction to wordpress & theme implementation
www.netgains.org
 

Plus de www.netgains.org (8)

Exploring iTools
Exploring iToolsExploring iTools
Exploring iTools
 
What is a Responsive Website
What is a Responsive WebsiteWhat is a Responsive Website
What is a Responsive Website
 
Twitter bootstrap1
Twitter bootstrap1Twitter bootstrap1
Twitter bootstrap1
 
Magento
MagentoMagento
Magento
 
Dream weaver
Dream weaverDream weaver
Dream weaver
 
Introduction to wordpress & theme implementation
Introduction to wordpress & theme implementationIntroduction to wordpress & theme implementation
Introduction to wordpress & theme implementation
 
Web application security
Web application securityWeb application security
Web application security
 
Introduction to Html5
Introduction to Html5Introduction to Html5
Introduction to Html5
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Dernier (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Sessions and cookies

  • 2. Why Cookies and Sessions are Used?  HTTP is a stateless protocol. This means that each request is handled independently of all the other requests and it means that a server or a script cannot remember if a user has been there before.  However, knowing if a user has been there before is often required and therefore something known as cookies and sessions have been implemented.
  • 3. What is a Cookie?  A cookie is a piece of text that a Web server can store on a user's hard disk.  A cookie is a variable, sent by the server to the browser.  Cookies allow a Web site to store information on a user's machine and later retrieve it. The pieces of information are stored as name-value pairs.
  • 4. What is a Cookie?  Each cookie on the user’s computer is connected to a particular domain.  Each time the same computer requests a page with a browser, it will send the cookie too.  Each cookie can store up to 4kB of data.  A maximum of 20 cookies can be stored on a user’s PC per domain.
  • 5. When are Cookies Created?  When a new webpage is loaded - for example after a 'submit' button is pressed the data handling page would be responsible for storing the values in a cookie.  If the user has elected to disable cookies then the write operation will fail, and subsequent sites which rely on the cookie will either have to take a default action.
  • 6. Example (1) 1. User sends a request for page at www.example.com for the first time. page request
  • 7. Example (2) 2. Server sends back the page html to the browser AND stores some data in a cookie on the user’s PC. html cookie data
  • 8. Example (1) 3. At the next page request for domain www.example.com, all cookie data associated with this domain is sent too. page request cookie data
  • 9. What's in a Cookie?  Each cookie is effectively a small lookup table containing pairs of (key, data) values - for example (firstname, John) (lastname,Peter).  Once the cookie has been read by the code on the server or client computer, the data can be retrieved and used to customise the web page appropriately.
  • 10. Set a cookie setcookie(name [,value [,expire [,path [,domain [,secure]]]]]) name = cookie name value = data to store (string) expire = UNIX timestamp when the cookie expires. Default is that cookie expires when browser is closed. path = Path on the server within and below which the cookie is available on. domain = Domain at which the cookie is available for. secure = If cookie should be sent over HTTPS connection only. Default false.
  • 11. Set a cookie - examples setcookie(‘name’,’Robert’) This command will set the cookie called name on the user’s PC containing the data Robert. It will be available to all pages in the same directory or subdirectory of the page that set it (the default path and domain). It will expire and be deleted when the browser is closed (default expire).
  • 12. Set a cookie - examples setcookie(‘age’,’20’,time()+60*60*24*30) This command will set the cookie called age on the user’s PC containing the data 20. It will be available to all pages in the same directory or subdirectory of the page that set it (the default path and domain). It will expire and be deleted after 30 days.
  • 13. Set a cookie - examples setcookie(‘gender’,’male’,0,’/’) This command will set the cookie called gender on the user’s PC containing the data male. It will be available within the entire domain that set it. It will expire and be deleted when the browser is closed.
  • 14. Read cookie data  All cookie data is available through the superglobal $_COOKIE: $variable = $_COOKIE[‘cookie_name’] or $variable = $HTTP_COOKIE_VARS[‘cookie_name’]; e.g. $age = $_COOKIE[‘age’]
  • 15. Delete a cookie  To remove a cookie, simply overwrite the cookie with a new one with an expiry time in the past… setcookie(‘cookie_name’,’’,time()-6000)  Note that theoretically any number taken away from the time() function should do, but due to variations in local computer times, it is advisable to use a day or two.
  • 16. Problems with Cookies  Browsers can refuse to accept cookies.  Additionally, it adds network overhead to send lots of information back and forth.  There are also limits to the amount of information that can be sent  Some information you just don’t want to save on the client’s computer.
  • 17. Sessions  A Session allows to store user information on the server for later use (i.e. username, shopping cart items, etc).  However, this session information is temporary and is usually deleted very quickly after the user has left the website that uses sessions.  Session variables hold information about one single user, and are available to all pages in one application.
  • 18. How Session Works?  Sessions work by creating a unique identification(UID) number for each visitor and storing variables based on this ID.  This helps to prevent two users data from getting confused with one another when visiting the same webpage.  The UID is either stored in a cookie or is propagated in the URL.
  • 19. Starting a PHP Session  Before you can store user information in your PHP session, you must first start up the session.  The session_start() function must appear BEFORE the <html> tag.  <?php session_start(); ?> <html> <body> </body> </html>
  • 20. Storing a Session Variable  The correct way to store and retrieve session variables is to use the PHP $_SESSION variable.  <?php session_start(); // store session data $_SESSION['views']=1; ?> <html> <body </body> </html>
  • 21. Retrieving a Session Variable  <html> <body> <?php //retrieve session data echo "Pageviews=". $_SESSION['views']; ?> </body> </html>  Display: Pageviews = 1
  • 22. Destroying a Session  The unset() function is used to free the specified session variable.  <?php unset($_SESSION['views']); ?>  You can also completely destroy the session by calling the session_destroy() function:  <?php session_destroy(); ?>  session_destroy() will reset your session and you will lose all your stored session data.
  • 23. Cookies vs. Sessions Cookies Sessions  Sessions are stored on server  Cookies are stored on client side side  Cookies can only store strings.  Sessions can store objects.  Cookies can be set to a long  When users close their browser, lifespan. they also lost the session.