OverviewObjectiveLearn the basic configuration of a sessions and cookies inphp.Requirements A server with PHPEstimated Time10 Minutes
Follow Along With Code Example1. Download a copy of the example code at www.prodigyview.com/source.2. Install the system in an environment you feel comfortable testing in.3. Proceed to examples/system/Session_Basics.php
Apply to Normal PHPWhile the configuration in this tutorial applies to ProdigyView,the concepts apply to normal cookies and sessions in php. Youmay use these concepts with these two php functions.session_set_cookie_paramshttp://php.net/manual/en/function.session-set-cookie-params.phpsetcookiehttp://php.net/manual/en/function.setcookie.php
What is a SessionSessions is information that relates to a user and is storedon the server. A session will no longer exist once thebrowser closes. Sessions do not have a size limit.Sensitive information should be stored in the session. User retrieves session infomration User saves session information
What is a CookieCookies is data the stored in the user’s browser. Unlikesessions, cookies will last if a user closes their browser.Cookies have a size limit set by the browser. Sensitiveinformation should not be stored in the cookie. Stored on user’s computer
ConfigurationIn ProdigyView we can configure sessions and cookies to act a certainway. Below, we are disabling the session configuration in the bootstrapand adding our own configuration. We will explain the passed variablesin other slides.1. Disable init inbootstrap2. Set cookie andsession defaults3. Initialize thesession class
Cookie Path & Session PathThe cookie path and session is path on your server that you cookieor session will be accessible. Example: If you make your cookie path‘/store/products’, the cookie will only be available on‘http://www.example.com/store/products/index.php’.Using ‘/’ will make the cookie or session available in any directory.
Cookie Domain and Session DomainThe cookie and session domain is the domain the cookie/sessionis available on. If your domain is www.example.com, settingyou’re cookie/session to that domain will make is only accessibleunder www.example.com. If it was set tosubdomain.example.com, it will only be available undersubdomain.example.com.Setting the domain to ‘.example.com’ will make thesession/cookie available under all subdomains.
Cookie Secure & Session SecureCookie Secure and Session Secure will ensure that yourdata for a session/cookie will only save over an httpsconnection.It is up to you, the developer, to make sure the value isread only over an https connection.
Cookie And Session LifetimeCookie and sessions do not last forever and nor should they. Acookie can be set for years but the average person will probablyswitch computers every 4-5 years.When setting the amount of time a session/cookie will last, youare passing in the amount of seconds. So if you want thecookie/session to expire in 5 minutes, set it to ’60*5’;
Hash Cookie/SessionThe option hash a cookie/session is an option only availablein ProdigyView and not in normal php. Setting this value totrue will encrypt the cookie/session when saving it. This willmake it more difficult to tell what the saved data is.
Review1. Cookie/Session Path: Sets the path that the cookie/session will be accessible from.2. Cookie/Session Domain: Set what domain the cookie/session will be available on.3. Cookie/Session Secure: Set if the cookie is writable only over a secure connection.4. Cookie/Session Lifetime: Set how the long the cookie/session will last.5. Hash Cookie/Session: Encrypt the cookie/session when saving it.
API ReferenceFor a better understanding of the sessions, visit the api byclicking on the link below.PVSession More TutorialsFor more tutorials, please visit:http://www.prodigyview.com/tutorials www.prodigyview.com