PHP Session and Cookie Configuration Tutorial

2,945 views
2,665 views

Published on

Learn the basics of configuring cookies and sessions in php. This tutorial covers the basics of configuring session and cookies in normal php and Prodigyview.

1 Comment
1 Like
Statistics
Notes
  • Thanks for helpful information. Thanks for sharing this information of session and cookies. http://www.dreamdestinations.in/
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total views
2,945
On SlideShare
0
From Embeds
0
Number of Embeds
21
Actions
Shares
0
Downloads
89
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide

PHP Session and Cookie Configuration Tutorial

  1. 1. Session and Cookies
  2. 2. OverviewObjectiveLearn the basic configuration of a sessions and cookies inphp.Requirements A server with PHPEstimated Time10 Minutes
  3. 3. Follow Along With Code Example1. Download a copy of the example code at www.prodigyview.com/source.2. Install the system in an environment you feel comfortable testing in.3. Proceed to examples/system/Session_Basics.php
  4. 4. Apply to Normal PHPWhile the configuration in this tutorial applies to ProdigyView,the concepts apply to normal cookies and sessions in php. Youmay use these concepts with these two php functions.session_set_cookie_paramshttp://php.net/manual/en/function.session-set-cookie-params.phpsetcookiehttp://php.net/manual/en/function.setcookie.php
  5. 5. What is a SessionSessions is information that relates to a user and is storedon the server. A session will no longer exist once thebrowser closes. Sessions do not have a size limit.Sensitive information should be stored in the session. User retrieves session infomration User saves session information
  6. 6. What is a CookieCookies is data the stored in the user’s browser. Unlikesessions, cookies will last if a user closes their browser.Cookies have a size limit set by the browser. Sensitiveinformation should not be stored in the cookie. Stored on user’s computer
  7. 7. ConfigurationIn ProdigyView we can configure sessions and cookies to act a certainway. Below, we are disabling the session configuration in the bootstrapand adding our own configuration. We will explain the passed variablesin other slides.1. Disable init inbootstrap2. Set cookie andsession defaults3. Initialize thesession class
  8. 8. Cookie Path & Session PathThe cookie path and session is path on your server that you cookieor session will be accessible. Example: If you make your cookie path‘/store/products’, the cookie will only be available on‘http://www.example.com/store/products/index.php’.Using ‘/’ will make the cookie or session available in any directory.
  9. 9. Cookie Domain and Session DomainThe cookie and session domain is the domain the cookie/sessionis available on. If your domain is www.example.com, settingyou’re cookie/session to that domain will make is only accessibleunder www.example.com. If it was set tosubdomain.example.com, it will only be available undersubdomain.example.com.Setting the domain to ‘.example.com’ will make thesession/cookie available under all subdomains.
  10. 10. Cookie Secure & Session SecureCookie Secure and Session Secure will ensure that yourdata for a session/cookie will only save over an httpsconnection.It is up to you, the developer, to make sure the value isread only over an https connection.
  11. 11. Cookie and Session HTTP OnlyIn some situations, the requirement may be having this cookieonly accessible from a http connection. Setting this value totrue will ensure that the cookie/session will NOT be accessiblethrough JavaScript, java(ex: .jar files) and other non-http/https protocols.
  12. 12. Cookie And Session LifetimeCookie and sessions do not last forever and nor should they. Acookie can be set for years but the average person will probablyswitch computers every 4-5 years.When setting the amount of time a session/cookie will last, youare passing in the amount of seconds. So if you want thecookie/session to expire in 5 minutes, set it to ’60*5’;
  13. 13. Hash Cookie/SessionThe option hash a cookie/session is an option only availablein ProdigyView and not in normal php. Setting this value totrue will encrypt the cookie/session when saving it. This willmake it more difficult to tell what the saved data is.
  14. 14. Review1. Cookie/Session Path: Sets the path that the cookie/session will be accessible from.2. Cookie/Session Domain: Set what domain the cookie/session will be available on.3. Cookie/Session Secure: Set if the cookie is writable only over a secure connection.4. Cookie/Session Lifetime: Set how the long the cookie/session will last.5. Hash Cookie/Session: Encrypt the cookie/session when saving it.
  15. 15. API ReferenceFor a better understanding of the sessions, visit the api byclicking on the link below.PVSession More TutorialsFor more tutorials, please visit:http://www.prodigyview.com/tutorials www.prodigyview.com

×