Passing Parameters & Session Tracking in PHP
Prof. Ami Tusharkant Choksi, Assistant Professor, Computer Engg. Dept., C.K.Pithawalla College of Engg. & Tech., Surat, Gujarat State, India.
What is Parameter Passing & Session Tracking?
-> Passing the values of the text typed into a user form to another HTML page and/or server-side script is called parameter passing.
-> A session refers to all the connections that a single client might make to a server in the course of viewing any pages associated with a given application. [1]
-> Maintaining the user's state during a session (e.g. from login to logout) is called Session Tracking.
Ways
-> Visible form parameters
-> Hidden form parameters
-> Cookies
-> Session
-> URL Rewriting
Parameter Passing with <Form>
Methods of passing parameters with <form>:
-> GET (smaller data, i.e. 1024 bytes)
-> POST (bigger data, as well as file upload)
PHP uses the predefined variables:
-> $_GET['varname']
-> $_POST['varname']
Predefined Variables [2]
PHP provides a large number of predefined variables to all scripts. The variables represent everything from external variables to built-in environment variables, last error messages to last retrieved headers.
-> Superglobals — Superglobals are built-in variables that are always available in all scopes
-> $GLOBALS — References all variables available in global scope
-> $_SERVER — Server and execution environment information
-> $_GET — HTTP GET variables
-> $_POST — HTTP POST variables
-> $_FILES — HTTP File Upload variables
List of predefined variables [2]...
-> $_REQUEST — HTTP Request variables
-> $_SESSION — Session variables
-> $_ENV — Environment variables
-> $_COOKIE — HTTP Cookies
-> $php_errormsg — The previous error message
-> $HTTP_RAW_POST_DATA — Raw POST data
-> $http_response_header — HTTP response headers
-> $argc — The number of arguments passed to script
-> $argv — Array of arguments passed to script
The values of Predefined Variables
Values of predefined variables can be seen with
<?php phpinfo(); ?>
File Upload
Writing a client's file to the server is called File Upload.
The following must be added to the HTML code:
<form method="post" enctype="multipart/form-data" action="upload.php">
FileName <input type="file" name="userfile">
<input type="submit" value="Upload">
</form>
The above code will display a Browse/Choose button on the browser page, with which one can select a file.
File Upload HTML page in Browser
Required Configuration in /etc/php.ini File
; file_uploads must be On
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if not specified).
upload_tmp_dir = /tmp
; Maximum allowed size for uploaded files.
upload_max_filesize = 2M
Retrieval of File at Server
<?php
# /uploads must have o+rwx permission
$uploaddir = "/uploads/";
// The $_FILES key must match the name of the form's file input ("userfile").
$uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]);
if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\n";
} else {
    echo "Possible file upload attack!\n";
}
?>
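A hardened version of the handler above, added here as an example and not part of the original slides: it checks the upload error code, enforces the size limit on the server, detects the type from the file content, and stores the file under a server-generated name. UPLOAD_DIR, MAX_BYTES, ALLOWED and store_upload() are assumptions, and the fileinfo extension is assumed to be enabled.

```php
<?php
// Added example, not from the slides. UPLOAD_DIR, MAX_BYTES, ALLOWED and
// store_upload() are hypothetical names chosen for illustration.
const UPLOAD_DIR = '/var/uploads';       // outside the web root, writable only by the PHP user
const MAX_BYTES  = 2 * 1024 * 1024;      // mirrors upload_max_filesize = 2M
const ALLOWED    = [                     // detected MIME type => extension assigned by the server
    'image/png'       => 'png',
    'image/jpeg'      => 'jpg',
    'application/pdf' => 'pdf',
];

function store_upload(array $file): string
{
    // PHP reports upload problems in 'error'; an array here means a malformed field.
    if (!isset($file['error']) || is_array($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    // Accept only a temp file that PHP itself created for this request.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if (filesize($file['tmp_name']) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // Decide the type from the content, not from the client-sent name or 'type'.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !isset(ALLOWED[$mime])) {
        throw new RuntimeException('type not allowed');
    }
    // The client's file name is never used on disk: random name, known extension.
    $target = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('could not store file');
    }
    chmod($target, 0640);                // data file: no execute bit, not world-readable
    return $target;
}

if (isset($_FILES['userfile'])) {
    try {
        store_upload($_FILES['userfile']);
        echo "File is valid, and was successfully uploaded.\n";
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo "Upload rejected.\n";
    }
}
```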
Session Tracking is done with
As HTTP is a stateless protocol, session tracking must be maintained by programmers in the following ways:
-> Hidden form parameters
-> Cookies
-> Session
-> URL Rewriting
Hidden Parameter Passing
A parameter is passed from one page to another without being visible to the user.
<input type="hidden" name="username" value="amichoksi">
It can be retrieved in PHP with
$_GET["username"]
$_POST["username"]
Cookies [2]
Cookies are a mechanism for storing data in the remote browser and thus tracking or identifying return users.
Set Cookie
bool setcookie ( string $name , string $value , int $expire = 0 , string $path , string $domain , bool $secure = false , bool $httponly = false )
setcookie("username", "ami", time() + 300);
Read Cookie
$_COOKIE['name']
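Hidden fields and cookies are both stored on the client, so the server cannot assume the value that comes back is the value it sent. The following added example (not from the original slides) attaches an HMAC to the username so that the receiving page can detect a modified value; SECRET_KEY, sign_value() and verify_value() are hypothetical names and the key is a constructed placeholder.

```php
<?php
// Added example, not from the slides. SECRET_KEY is a constructed placeholder;
// a real key is long, random and kept out of source control.
const SECRET_KEY = 'constructed-demo-key';

// Returns "base64(value).hex(hmac)" so the value travels with its integrity tag.
function sign_value(string $value): string
{
    return base64_encode($value) . '.' . hash_hmac('sha256', $value, SECRET_KEY);
}

// Returns the original value, or null if the token was altered or malformed.
function verify_value(string $token): ?string
{
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2) {
        return null;
    }
    $value = base64_decode($parts[0], true);
    if ($value === false) {
        return null;
    }
    $expected = hash_hmac('sha256', $value, SECRET_KEY);
    // hash_equals() compares in constant time.
    return hash_equals($expected, $parts[1]) ? $value : null;
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    // Receiving page: take the hidden field, else the cookie, and verify it.
    $raw  = $_POST['username'] ?? $_COOKIE['username'] ?? '';
    $user = is_string($raw) ? verify_value($raw) : null;
    echo $user === null
        ? 'Rejected: value was modified.'
        : 'Hello ' . htmlspecialchars($user, ENT_QUOTES);
} else {
    // Issuing page: the cookie header must be sent before any output.
    $token = sign_value('amichoksi');
    setcookie('username', $token, [
        'expires' => time() + 300, 'path' => '/', 'httponly' => true, 'samesite' => 'Lax',
    ]);
    echo '<form method="post"><input type="hidden" name="username" value="'
        . htmlspecialchars($token, ENT_QUOTES) . '"><input type="submit"></form>';
}
```

The tag shows that the value was issued by the server; it does not hide the value or bind it to one visitor, so anything that identifies a logged-in user still belongs in $_SESSION.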
Session [2]
A way to preserve certain data across subsequent accesses.
Session Functions [2]
-> session_cache_expire — Return current cache expire
-> session_cache_limiter — Get and/or set the current cache limiter
-> session_commit — Alias of session_write_close
-> session_decode — Decodes session data from a string
-> session_destroy — Destroys all data registered to a session
-> session_encode — Encodes the current session data as a string
-> session_get_cookie_params — Get the session cookie parameters
-> session_id — Get and/or set the current session id
-> session_is_registered — Find out whether a global variable is registered in a session
-> session_module_name — Get and/or set the current session module
-> session_name — Get and/or set the current session name
-> session_regenerate_id — Update the current session id with a newly generated one
-> session_register — Register one or more global variables with the current session
-> session_save_path — Get and/or set the current session save path
-> session_set_cookie_params — Set the session cookie parameters
-> session_set_save_handler — Sets user-level session storage functions
-> session_start — Initialize session data
-> session_unregister — Unregister a global variable from the current session
-> session_unset — Free all session variables
-> session_write_close — Write session data and end session
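Examples
File: Page1.php
<?php
// Cookie parameters only take effect when set before session_start().
// Arguments: lifetime (seconds), path, domain, secure, httponly.
// The domain and secure flag must match the site that serves these pages.
session_set_cookie_params(10, "/", "sun.com", true, false);
session_start();
echo 'Welcome to page #1';
$_SESSION['favcolor'] = 'green';
$_SESSION['animal']   = 'cat';
$_SESSION['time']     = time();
?>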
Example...
Filename: Page2.php
<?php
session_start();
echo 'Welcome to page #2<br />';
echo $_SESSION['favcolor'];   // green
echo $_SESSION['animal'];     // cat
echo date('Y m d H:i:s', $_SESSION['time']);
session_unset();              // releasing session data
echo $_SESSION['time'] ?? ''; // no output
?>
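The Page1.php/Page2.php flow with the session cookie locked down, a fresh id issued at login, and an idle timeout built on the same $_SESSION['time'] stamp, using functions from the list above. This is an added example, not part of the original slides; IDLE_LIMIT and the function names are assumptions, and the array form of session_set_cookie_params() needs PHP 7.3 or later.

```php
<?php
// Added example, not from the slides. IDLE_LIMIT and the function names are
// hypothetical, chosen for illustration.
const IDLE_LIMIT = 900; // seconds of inactivity before the session data is dropped

function start_secure_session(): void
{
    // Refuse session ids the server did not issue, and never read them from the URL.
    ini_set('session.use_strict_mode', '1');
    ini_set('session.use_only_cookies', '1');
    // Must run before session_start().
    session_set_cookie_params([
        'lifetime' => 0,      // cookie ends with the browser session
        'path'     => '/',
        'secure'   => true,   // sent over HTTPS only
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();
    if (isset($_SESSION['time']) && time() - $_SESSION['time'] > IDLE_LIMIT) {
        $_SESSION = [];                // idle too long: drop the stored state
        session_regenerate_id(true);   // and retire the old id with its data
    }
    $_SESSION['time'] = time();
}

function mark_logged_in(string $username): void
{
    // New id at the privilege change, old session deleted: an id planted
    // before login is useless afterwards (session fixation).
    session_regenerate_id(true);
    $_SESSION['username'] = $username;
}

function end_session(): void
{
    $_SESSION = [];
    $p = session_get_cookie_params();
    // Expire the browser's session cookie as well as the server-side data.
    setcookie(session_name(), '', time() - 3600,
        $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    session_destroy();
}

start_secure_session();
```

Call mark_logged_in() only after the credentials have been verified, and end_session() from the logout page.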
URL Re-Writing
The Apache server's mod_rewrite module gives the ability to transparently redirect one URL to another by modifying the URL (i.e. re-writing it), without the user's knowledge.
Used in situations such as:
-> Passing some information to another page
-> Redirecting old URLs to new addresses
-> Or cleaning up the 'dirty' URLs coming from a poor publishing system
Required Configuration and Examples
The following line in the /etc/httpd/conf/httpd.conf file must be uncommented:
LoadModule rewrite_module modules/mod_rewrite.so
URL Rewriting examples:
http://localhost/ami/123
http://localhost/~ami/UrlRewrite.php?name=amichoksi
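Retrieval of URL Rewriting Data
<?php
// Request data is escaped before being echoed into the page.
if (isset($_SERVER['PATH_INFO'])) {
    echo htmlspecialchars($_SERVER['PATH_INFO'], ENT_QUOTES);
} else if (isset($_GET['name'])) {   // matches ?name=amichoksi in the example URL
    echo htmlspecialchars($_GET['name'], ENT_QUOTES);
}
?>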
References
[1] http://livedocs.adobe.com/coldfusion/6.1/htmldocs/shared28.htm
[2] http://in.php.net/manual/en/
