Parameter Passing & Session Tracking in PHP

  • 10,671 views
Uploaded on

Parameter passing, File Upload, Session, Cookie, Url Rewriting in PHP

Parameter passing, File Upload, Session, Cookie, Url Rewriting in PHP

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
10,671
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
129
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Passing parameters & Session Tracking in PHP Prof. Ami Tusharkant Choksi Assistant Professor, Computer Engg. Dept., C.K.Pithawalla College of Engg. & Tech., Surat, Gujarat State, India.
  • 2. What is Parameter Passing & Session Tracking? -> Values of the text typed in user form is passed to other HTML and/or server side script is called parameter passing . -> A session refers to all the connections that a single client might make to a server in the course of viewing any pages associated with a given application.[1] -> Maintenance of user's state during session(e.g.login to logout) is called a Session Tracking .
  • 3. Ways
    • Visible form parameters
    • Hidden form parameters
    • Cookies
    • Session
    • URL Rewriting
  • 4. Parameter Passing with <Form>
    • Methods of passing parameters with <form>
      • GET (smaller data i.e.1024 bytes)
      • POST(bigger data, as well as file upload)
    • PHP uses predefined variables
      • $_GET['varname']
      • $_POST['varname']
  • 5. Predefined Variables[2]
    • PHP provides a large number of predefined variables represent everything from external variables to built-in environment variables, last error messages to last retrieved headers to all scripts.
    • Superglobals — Superglobals are built-in variables that are always available in all scopes
    • $GLOBALS — References all variables available in global scope
    • $_SERVER — Server and execution environment information
    • $_SERVER — Server and execution environment information
    • $_GET — HTTP GET variables
    • $_POST — HTTP POST variables
    • $_FILES — HTTP File Upload variables
  • 6. List of predefined variables [2]...
    • $_REQUEST — HTTP Request variables
    • $_SESSION — Session variables
    • $_ENV — Environment variables
    • $_COOKIE — HTTP Cookies
    • $php_errormsg — The previous error message
    • $HTTP_RAW_POST_DATA — Raw POST data
    • $http_response_header — HTTP response headers
    • $argc — The number of arguments passed to script
    • $argv — Array of arguments passed to script
  • 7. The values of Predefined Variables
    • Values of predefined variables can be seen with
    • <?php
    • phpinfo()
    • ?>
  • 8. File Upload
    • Writing client's file on the server is called File Upload.
    • In HTML code following is must be added:
    • <form method=&quot;post&quot; enctype=&quot;multipart/form-data&quot; action=&quot;upload.php&quot;>
    • FileName <input type=&quot;file&quot; name=&quot;userfile&quot;>
    • Above code will display Browse/Choose button on the browser page with which one can select a file.
  • 9. File Upload HTML page in Browser
  • 10. Required Configuration in /etc/php.ini File
    • ;file_uploads must be On
    • file_uploads = On
    • ; Temporary directory for HTTP uploaded files (will use system default if not specified).
    • upload_tmp_dir =/tmp
    • ; Maximum allowed size for uploaded files.
    • upload_max_filesize = 2M
  • 11. Retrieval of File at Server #/uploads must be having o+rwx permission $uploaddir = &quot;/uploads/&quot;; $uploadfile = $uploaddir . basename($_POST[&quot;filename&quot;]); if (move_uploaded_file($_FILES[&quot;filename&quot;][&quot;tmp_name&quot;], $uploadfile)) { echo &quot;File is valid, and was successfully uploaded. &quot;; } else { echo &quot;Possible file upload attack! &quot;; }
  • 12. Session Tracking is done with
    • As HTTP is stateless protocol Session Tracking must be maintained by programmers with following ways:
    • Hidden form parameters
    • Cookies
    • Session
    • URL Rewriting
  • 13. Hidden Parameter Passing
    • Parameter is passed from 1 page to other which is not visible from user.
    • <input type=hidden name=”username” value=”amichoksi”>
    • Can be retrieved in PHP by
      • $_GET[“username”]
      • $_POST[“username”]
  • 14. Cookies [2]
    • Cookies are a mechanism for storing data in the remote browser and thus tracking or identifying return users.
    • Set Cookie
      • bool setcookie ( string $name string $value , int $expire=0 , string $path , string $domain , bool $secure=false , bool $httponly=false)
      • setcookie(“username”,”ami”,time()+300);
    • Read Cookie
      • $_COOKIE['name']
  • 15. Session [2]
    • A way to preserve certain data across subsequent accesses.
  • 16. Session Functions [2] session_cache_expire — Return current cache expire session_cache_limiter — Get and/or set the current cache limiter session_commit — Alias of session_write_close session_decode — Decodes session data from a string session_destroy — Destroys all data registered to a session session_encode — Encodes the current session data as a string session_get_cookie_params — Get the session cookie parameters session_id — Get and/or set the current session id session_is_registered — Find out whether a global variable is registered in a session session_module_name — Get and/or set the current session module session_name — Get and/or set the current session name session_regenerate_id — Update the current session id with a newly generated one session_register — Register one or more global variables with the current session session_save_path — Get and/or set the current session save path session_set_cookie_params — Set the session cookie parameters session_set_save_handler — Sets user-level session storage functions session_start — Initialize session data session_unregister — Unregister a global variable from the current session session_unset — Free all session variables session_write_close — Write session data and end session
  • 17. Examples
    • File: Page1.php
    • <?php
    • session_start();
    • echo 'Welcome to page #1';
    • $_SESSION['favcolor'] = 'green';
    • $_SESSION['animal'] = 'cat';
    • $_SESSION['time'] = time();
    • session_set_cookie_params(10,&quot;/&quot;,&quot;sun.com&quot;,true, false);
    • ?>
  • 18. Example...
    • Filename Page2.php
    • session_start();
    • echo 'Welcome to page #2<br />';
    • echo $_SESSION['favcolor']; // green
    • echo $_SESSION['animal']; // cat
    • echo date('Y m d H:i:s', $_SESSION['time']);?>
    • session_unset ();//releasing session data
    • Echo $_SESSION['time'];//no output
  • 19. URL Re-Writing
    • The Apache server’s mod_rewrite module gives the ability to transparently redirect one URL to another by modifying URL (i.e. re-writing), without the user’s knowledge.
    • Used in situations:-
      • Pass some information to other page
      • redirecting old URLs to new addresses
    • Or
    • - cleaning up the ‘dirty’ URLs coming from a poor
    • publishing system
  • 20. Required Configuration and Examples
    • Following line must be uncommented available in /etc/httpd/conf/httpd.conf file
    • LoadModule rewrite_module modules/mod_rewrite.so
    • URL Rewriting examples
      • http://localhost/ami/123
      • http://localhost/~ami/UrlRewrite.php?name=amichoksi
  • 21. Retrieval of URL Rewriting Data
    • <?php
    • if(isset($_SERVER['PATH_INFO'])){
    • echo $_SERVER['PATH_INFO'];}
    • else if(isset($_GET['username'])) {
    • echo $_GET['username'];
    • }
    • ?>
  • 22. References
    • http://livedocs.adobe.com/coldfusion/6.1/htmldocs/shared28.htm
    • http://in.php.net/manual/en/