This presentation talks about managing a session and cookies in web using PHP. Cookies are stored at client machine and sent back to the server after first consecutive requests.Session manages the user state on the web page for security purpose as well.
this ppt will give you information about :
1. Introduction to www
2. History Understanding client/server roles Apache
3. HTML
4. PHP
5. MySQL
6. JS
7. HTML & CSS
8. XAMPP Installation
Drupal enthusiasts in Chennai are coordination with IEEE organized a 3 day workshop. The Workshop introduced Drupal to students. Over 125 students participated this training program.
this ppt will give you information about :
1. Introduction to www
2. History Understanding client/server roles Apache
3. HTML
4. PHP
5. MySQL
6. JS
7. HTML & CSS
8. XAMPP Installation
Drupal enthusiasts in Chennai are coordination with IEEE organized a 3 day workshop. The Workshop introduced Drupal to students. Over 125 students participated this training program.
Session and cookies knowledge is very important for a web developer. In these slides we are going to explore basics of Sessions and Cookies in PHP. How to create and destroy a session. How to create and destroy a cookie. How sessions and cookies are stored.
It contains basic fundamental of class, object, method overloading, constructor, destructor, visibility, acess specifier, Methods, overloading, clonning of objects etc. are covered here.
Kindly look at it and give your comments to improve it as good as possible ways.
It contains different concepts of Object Oriented PHP like cloning of object, Inheritance, function overriding, Final function, Error Handling, Exception Handling, Custom error handling class, Uploading a file to the server with different criteria like file size, file type, file extension etc. are discussed in this presentation.
Kindly look at it and give comments to improve it as good as possible ways.
This presentation gives brief introduction about new standard of HTML i.e. HTML5.
Here we have discussed all new HTML attributes, new HTML tags, Semantic Elements, and so many other things that are new in this standard.
This presentation gives basics of PHP programming Language(Open-source). It starts with different types of servers, Basic Syntax, varibales, Operators, and conditional statements.
It is presentation of Kotlin programming language created by JetBrains for android application developement. Here we also provided some resources on Kotlin. Jump start your learning about kotlin.
The Indian economy is classified into different sectors to simplify the analysis and understanding of economic activities. For Class 10, it's essential to grasp the sectors of the Indian economy, understand their characteristics, and recognize their importance. This guide will provide detailed notes on the Sectors of the Indian Economy Class 10, using specific long-tail keywords to enhance comprehension.
For more information, visit-www.vavaclasses.com
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
How to Create Map Views in the Odoo 17 ERPCeline George
The map views are useful for providing a geographical representation of data. They allow users to visualize and analyze the data in a more intuitive manner.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
2. Cookies
HTTP cookies are data which a server-side script
sends to a web client to keep for a period of time.
On every subsequent HTTP request, the web client
automatically sends the cookies back to server
(unless the cookie support is turned off).
The cookies are embedded in the HTTP header
(and therefore not visible to the users).
3. Cookies
Shortcomings of using cookies to keep data
User may turn off cookies support.
Data are kept with the browser
Users using the same browser share the cookies.
Limited number of cookies (20) per server/domain and
limited size (4k bytes) per cookie
Client can temper with cookies
Modify cookie files, use JavaScript to create/modify cookies, etc.
Notes
Don't always rely on cookies as the client may have
turned off cookies support.
Don't store sensitive info in cookies
4. PHP – Accessing Cookies
To set a cookie, call setcookie()
e.g., setcookie('username', 'Joe');
To delete a cookie (use setcookie() without a value)
e.g., setcookie('username');
To retrieve a cookie, refer to $COOKIE
e.g. $username = $_COOKIE('username');
Note:
Cookies can only be set before any output is sent.
You cannot set and access a cookie in the same page. Cookies set
in a page are available only in the future requests.
5. PHP – More About Setting Cookies …
setcookie(name, value, expiration, path,
domain, secure, httponly)
expiration
Cookie expiration time in seconds
0 The cookie is not to be stored persistently and will be deleted
when the web client closes.
Negative value Request the web client to delete the cookie
e.g.:
setcookie('username', 'Joe', time() + 1800); // Expire in 30 minutes
6. PHP – More About Setting Cookies …
path
Sets the path to which the cookie applies.
The cookie is only visible to all the pages in that directory and its
sub-directories.
If set to '/', the cookie will be available within the entire domain.
If set to '/foo/', the cookie will only be available within the /foo/
directory and all sub-directories such as /foo/bar/ of domain .
The default value is the current directory that the cookie is being set
in.
7. PHP – More About Setting Cookies …
domain
The domain that the cookie is available.
To make the cookie available on all subdomains of example.com,
you'd set it to '.example.com'.
Setting it to 'www.example.com' will make the cookie only
available in the www subdomain.
secure
Indicates that the cookie should only be transmitted over a secure
HTTPS connection from the client. When set to TRUE, the cookie
will only be set if a secure connection exists. The default is FALSE.
httponly
When TRUE the cookie will be made accessible only through the
HTTP protocol.
8. URL-Rewriting
Append the data to the URL
e.g.: http://www.xyz.com/foo.php?name1=value1&name2=value2
Data are kept along with the "page"
Need to append the data to every URL in the page that needs to
carry the data to another page.
Every 'name' and 'value' should be URL encoded using
urlencode().
Shortcoming of using URL-rewriting to keep data:
Limited number of characters in an URL
Not suitable for sensitive info
You can encrypt the data to improve security (e.g., www.ebay.com)
Breaks when a user access a static HTML page
9. 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
PHP – URL-Rewriting Example
<?php
// Append all (key, value) pairs in $array to $url as
// $url?key1=value1&key2=value2&…
function append_data_to_url($url, $array) {
$first = true;
$url .= '?';
foreach ($array as $key => $value) {
if (! $first)
$url .= '&';
else
$first = false;
$url .= urlencode($key) . '=' . urlencode($value);
}
return $url;
}
// Continue next page
10. 18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
PHP – URL-Rewriting Example
// A script that lists 20 items per page
$current_page = $_REQUEST['page'];
$sort_order = $_REQUEST['sort'];
// Perform validation and set default values here …
// Create parameters that need to be appended to URL
$params = array('page' => $current_page + 1,
'sort' => $sort_order);
// Append the above parameters to the URL that links
// to the next page
$next_page_url = append_data_to_url(
$_SERVER['PHP_SELF'], $params);
// Repeat for other URLs that need to carry data
// in the URL …
?>
11. 36
37
38
39
40
41
42
43
44
45
46
PHP – URL-Rewriting Example
In this example, when the user clicks the "Next Page" link,
the script will knows which page to display and what sorting
order to use.
<html><head><title>URL-Rewriting Example</title></head>
<body>
<?php
// Retrieve and display current page's data here …
?>
<a href="<?php echo $next_page_url;?>">Next Page</a>
…
</body></html>
12. Hidden Fields in HTML Form
Data are encoded as hidden fields in HTML form as:
<input type="hidden" name="username" value="CJ Yuan" />
Shortcoming of using URL-rewriting to keep data:
Require HTML form elements
13. Session
A session is a period of time in which all activities
happened within the period by the same web
client are considered "related" (typically belong to
the same application.)
Session Tracking – keeping track of users as they
traverse from one web page (generated from a
script) to another within a website (or within a web
application).
14. How Session Works?
The first time a web client visits a server, the server sends
a unique "session ID" to the web client for the client to
keep.
Session ID is typically stored in the cookies.
The session ID is used by the server to identify the client.
For each session ID created, the server also creates a
storage space. Server-side scripts that receive the same
session ID share the same storage space.
The storage space is typically implemented as a map-liked data
structure.
In PHP, it is an associative array named $_SESSION[].
A session's "storage space" is only kept alive for a period
of time (session period) or until it is explicitly deleted.
15. 1
2
3
4
5
6
7
8
9
10
PHP – Participating in a session
The first time session_start() is called, it will attempt to send a cookie
named PHPSESSID with a generated session ID made up of 32
hexadecimal letters. The data stored in $_SESSION[] will be saved in an
external file when the script exits.
<?php
// Must call this function first in all scripts that
// need to participate in the same session.
session_start();
// Now we can read/write data from/to $_SESSION[]
if (authenticate($_POST['user'], $_POST['passwd'])) {
// Use this value to remember if a user has 'logged in'
$_SESSION['user'] = $_POST['user'];
}
else
unset($_SESSION['user']);
…
?>
login.php
16. 1
2
3
4
5
6
7
8
9
10
PHP – Participating in a session (continue)
If a user has successfully logged in through login.php, then
The next time session_start() is called, it will load the session data from
a file into $_SESSION[] based on the value of PHPSESSID.
<?php
// To participate in the session
session_start();
// Session data set in login.php are available here
if (! isset($_SESSION['user'])) {
// User has not yet logged on
}
…
?>
another_file.php
17. 1
2
3
4
5
6
7
8
9
10
11
12
13
14
PHP – Ending a session
Note: session_name() returns the name of the cookie that stores the
session ID.
<?php
// To start or participate in a session.
session_start();
$_SESSION = array(); // Clearing all session data
// Delete the cookie that stores the session ID to KILL the session
if (isset($_COOKIE[session_name()]))
setcookie(session_name(), '', time()-3600, '/');
// Finally, destroy the session (Deleting
// the session data stored in the file)
session_destroy();
?>
logout.php
18. PHP – Setting Session Parameters in php.ini
Some of the session related parameters in "php.ini":
; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
; The path for which the cookie is valid.
session.cookie_path = /
; The domain for which the cookie is valid.
session.cookie_domain =
19. PHP – Function For Setting Session Parameters
void session_set_cookie_params(
int $lifetime, string $path, string $domain,
bool $secure=false, bool $httponly=false )
Set cookie parameters defined in the php.ini file. The effect
of this function only lasts for the duration of the script. Thus,
you need to call this function for every request and before
session_start() is called.
Default value of $path is '/'. To prevent session ID from
being discovered by other PHP scripts running in the same
domain, you should set $path to the subfolder where your
scripts are stored.
20. Combined Use
All of Cookies, URL-rewriting, Hidden Fields, and
Session can be simultaneously used in a web
application.
Cookies: Can persist data for long period but is not
suitable for keeping sensitive data or large amount of
data.
URL-rewriting: Keep data along with page
Hidden Fields: Keep data along with page (can keep
more data but requires HTML form)
Session Objects: Keep "short-live" data shared among
the server-side scripts within a web application for a
particular web client.
21. Summary
Session Management
Cookies
URL-Rewriting
Hidden Fields in HTML Form
High level APIs in Java and HttpSession Objects.
References
http://en.wikipedia.org/wiki/HTTP_cookie
PHP Manual – Session Handling
http://hk.php.net/manual/en/book.session.php