6. Introduction To PHP Sessions And
Cookies
We had already tried passing data to a server .
But..how the server knows the user from which the requests are
received�
8. Cookies
â˘HTTP is a stateless protocol; this means that the web server does not
know (or care) whether two requests comes from the same user or
not; it just handles each request without regard to the context in
which it happens.
â˘Cookies are used to maintain the state in between requestsâeven
when they occur at large time intervals from each other.
â˘Cookies allow your applications to store a small amount of textual
data (typically,4-6kB) on a Web client browser.
â˘There are a number of possible uses for cookies, although their most
common one is maintaining state of a user
9. Creating A Cookie
⢠setcookie(âuserid", "100", time() + 86400);
⢠This simply sets a cookie variable named âuseridâ with value â100â and this
variable value will be available till next 86400 seconds from current time
Cookie variable name
variable value
Expiration time.
10. Accessing a Cookie
⢠echo $_COOKIE[âuseridâ]; // prints 100
⢠Cookie as array
â setcookie("test_cookie[0]", "foo");
â setcookie("test_cookie[1]", "bar");
â setcookie("test_cookie[2]", "bar");
â var_dump($_COOKIE[âtest_cookieâ]);
11. Destroying A Cookie
â˘There is no special methods to destroy a cookie, We achieve it by
setting the cookie time into a past time so that it destroys it
â Eg : setcookie(âuseridâ,100,time()-100);
13. Sessions
â˘Session serve the same purpose of cookies that is sessions are used to
maintain the state in between requests
â˘Session can be started in two ways in PHP
â By changing the session.auto_start configuration setting in php.ini
â Calling session_start() on the beginning of each pages wherever you
use session(Most common way)
Note: session_start() must be called before any output is sent to the
browser
14. Creating and accessing session
⢠Once session is started you can create and access
session variables like any other arrays in PHP
â $_SESSION[âuseridâ] = 100;
â echo $_SESSION[âuseridâ]; //prints 100
Session variable name
variable value
15. Destroying A Session
â˘There are two methods to destroy a session variable
1. Using unset() function
⢠Eg unset($_SESSION[âuseridâ])
1. Calling session_destroy() method. This will effectively destroy all the
session variables. So for deleting only one variable you should go for
the previous method
⢠Session_destroy()
17. Step 1
Goto Login_baabtra.php page and set form action to Profile.php page
<form name=âloginâ action=âlogin_action.phpâ method=âpostâ>
18. Step 2
Login_action.php Page
Create database connection here
mysql_connect('localhost','root','');
mysql_select_db("Baabtra");
$result=mysql_query("select * from tbl_user where
vchr_user_name='$username'and vchr_password='$password'");
19. Step 3
Login_action.php Page
Check whether id is valid or not.if valid user then create session
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
session_start();
$_SESSION['user_id']=$row['pk_int_user_id'];
header(âLocation: profile.phpâ);
}
}
checks whether there is any
resultant
20. Step 3
Login_action.php Page
Check whether id is valid or not.if valid user then create session
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
session_start();
$_SESSION['user_id']=$row['pk_int_user_id'];
header(âLocation: profile.phpâ);
}
}
starts a session
21. Step 3
Login_action.php Page
Check whether id is valid or not.if valid user then create session
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
session_start();
$_SESSION['user_id']=$row['pk_int_user_id'];
header(âLocation: profile.phpâ);
}
} sets a session variable
userid
with value of pk_int_user_id
field of the resultant set
22. Step 3
Login_action.php Page
Check whether id is valid or not.if valid user then create session
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
session_start();
$_SESSION['user_id']=$row['pk_int_user_id'];
header(âLocation: profile.phpâ);
}
} sets a session variable
userid
with value of pk_int_user_id
field of the resultant set
23. Step 3
Login_action.php Page
Check whether id is valid or not.if valid user then create session
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
session_start();
$_SESSION['user_id']=$row['pk_int_user_id'];
header(âLocation: profile.phpâ);
}
}
sets a session variable
userid
with value of pk_int_user_id
field of the resultant set
24. Step 3
Login_action.php Page
Check whether id is valid or not.if valid user then create session
if(mysql_num_rows($result)){
while($row=mysql_fetch_array($result)){
session_start();
$_SESSION['user_id']=$row['pk_int_user_id'];
header(âLocation: profile.phpâ);
}
}
header function is used for
page redirection
32. Comparison
Cookies are stored in the user's
browser
A cookie can keep information in
the user's browser until deleted
by user or set as per the timer. It
will not be destroyed even if you
close the browser.
Cookies can only store string
We can save cookie for future
reference
Sessions are stored in server
A session is available as long as the
browser is opened. User cant disable
the session. It will be destroyed if you
close the browser
Can store not only strings but also
objects
session cant be.
Cookies Session