2. Overview
Objective
Learn how to read and write data to cookies and session
and also how to secure your cookies and sessions.
Requirements
Understanding of Cookies and Sessions in PHP
Estimated Time
10 Minutes
3. Follow Along With Code
Example
1. Download a copy of the example code at
www.prodigyview.com/source.
2. Install the system in an environment you feel
comfortable testing in.
3. Proceed to examples/system/Sessions.php
4. Disable Session in Bootstrap
Normally in ProdigyView when the bootstrap is called, the
session configuration is created and set based upon the
values in the xml configuration file. But for the purposes of
this tutorial we are going to manually set the variables.
Lets start by creating a custom bootstrap that disables the
initialization of the sessions.
5. Session Init
Before we initialize the session, we should set what options
we want. In this example we are only setting the lifetime of
the cookie and the session. By default, the PVSession::init()
method will call session_start() function for us. Keep in mind
there are many more options that can passed to the init.
www.prodigyview.com
6. Setting Up Test Variables
Perfect, now we have an active session ready to set data
in. First create some sample data to insert and retrieve
from cookies and session.
www.prodigyview.com
7. Basic Cookie
With our data we are now going to write and read a basic
cookie. This can be simply done with the methods
writeCookie, readCookie and deleteCookie.
1. Set the key/name of the cookie 2. Set the cookie data based on the key/name
3. Read the cookie data basef on the key/name
4. Delete the cookie associated with the key/name
8. Arrays and Cookies
Normally in PHP you cannot set arrays or objects in
Cookies and Sessions. Well in ProdigyView this can be
done. Just write and read the cookie like you normally
would.
1. Set the key/name of the cookie 2. Set the array or object associated to be
associated with the key/name
Delete the cookie Retrieve the cookie by entering the name/key
www.prodigyview.com
9. Secure Cookie
Sometimes a requirement maybe(and still strongly not
advised) to store sensitive information in a cookie.
ProdigyView allows a cookie to be encrypted. In the
options passed into cookie, set the hash cookie to true.
1. The the options for hashing a cookie 2. Pass the options in when writing and
reading the cookie
3. The options should also be passed when deleting a cookie
10. Writing a Session
Writing a session is very similar to writing a cookie. The
methods are writeSession, readSession, and
deleteSession.
1. Set the key/name of the session 2. Set the data to be associated with that key/name
4. Delete the data from the session 3. Retrieve the data associated
with the key/name
www.prodigyview.com
11. Store Array in Sessions
Like cookies, objects and arrays can be stored in a
session.
1. Set the key/name of the session 2. Set the object or array to be associated with that
key/name
4. Delete the array or object from the session 3. Retrieve the array or object
www.prodigyview.com
12. Secure Session
Now if you want, you can encrypt data stored in a session.
Whether or not this is necessary is controversial because
the session is stored on the server and not accessible to the
client.
1. The the options for hashing a session 2. Pass the options in when writing and
reading the session
3. The options should also be passed when deleting a session
13. Challenge!
This is a challenge designed to better help you understand
sessions and cookies in Prodigyview and PHP.
1. Create an object that contains public, private and
protected variables. 1 of each is fine.
2. Set those variables with values. Make sure you can
retrieve those values.
3. Write the object to a session or cookie normally and
write the object to a session or cookie that is encrypted.
4. Read back the object and access the variables. Record
the results.
14. Review
1. Use PVSession::writeCookie() to write a cookie
2. Use PVSession::readCookie() to read a cookie
3. Use PVSession::deleteCookie() to remove a cookie
4. Use PVSession::writeSession() to write a session
5. Use PVSession::readSession() to read a session
6. Use PVSession::deleteSession() to remove a session
www.prodigyview.com
15. API Reference
For a better understanding of the sessions, visit the api by
clicking on the link below.
PVSession
More Tutorials
For more tutorials, please visit:
http://www.prodigyview.com/tutorials
www.prodigyview.com