You can also set the expiration time of the cookie in another way. It may be easier than using seconds.

Similar documents
COSC 2206 Internet Tools. The HTTP Protocol

Common Gateway Interface CGI

Chapter 7:- PHP. Compiled By:- Sanjay Patel Assistant Professor, SVBIT.

Database Systems Fundamentals

Server Deployment Release Notes

COMP519 Web Programming Lecture 28: PHP (Part 4) Handouts

User authentication, passwords

PHP with data handling

Crystal Enterprise 8 - ASP vs. CSP

zend. Number: Passing Score: 800 Time Limit: 120 min.

Outline. Lecture 8: CGI (Common Gateway Interface ) Common Gateway Interface (CGI) CGI Overview

exam. Number: Passing Score: 800 Time Limit: 120 min File Version: Zend Certified Engineer

Forms, CGI. Cristian Bogdan 2D2052 / 2D1335 F5 1

Forms, CGI. HTML forms. Form example. Form example...

Web History. Systemprogrammering 2006 Föreläsning 9 Web Services. Internet Hosts. Web History (cont) 1945: 1989: Topics 1990:

Common Gateway Interface

[UNIT 1 <Continued>]: <Understanding Apache>

WEB APPLICATION ENGINEERING II

NETB 329 Lecture 13 Python CGI Programming

Giving credit where credit is due

USQ/CSC2406 Web Publishing

CSE 154 LECTURE 13: SESSIONS

Web Programming 4) PHP and the Web

COMP 520 Fall 2010 The WIG language (1) The. language

COMP 520 Fall 2013 The WIG language (1) The. language

How browsers talk to servers. What does this do?

Introduction. Server-side Techniques. Introduction. 2 modes in the PHP processor:

PHP. M hiwa ahamad aziz Raparin univercity. 1 Web Design: Lecturer ( m hiwa ahmad aziz)

The HTTP Protocol HTTP

Chapter 9. Managing State Information. Understanding State Information (continued) Understanding State Information 10/29/2011.

HTTP Protocol and Server-Side Basics

The Guts of LON-CAPA

Lecture 7: Dates/Times & Sessions. CS 383 Web Development II Wednesday, February 14, 2018

Outline of Lecture 5. Course Content. Objectives of Lecture 6 CGI and HTML Forms

PYTHON CGI PROGRAMMING

Pemrograman Jaringan Web Client Access PTIIK

PHP. MIT 6.470, IAP 2010 Yafim Landa

Web Recommendations for Mobile Web Browsing

Multimedia im Netz Online Multimedia Winter semester 2015/16. Tutorial 03 Minor Subject

Creating HTML files using Notepad

PHP State Maintenance (Cookies, Sessions, Hidden Inputs)

CSE 154 LECTURE 21: COOKIES

CSE 154 LECTURE 21: COOKIES

ITS331 IT Laboratory I: (Laboratory #11) Session Handling

CITS1231 Web Technologies. PHP s, Cookies and Session Control

Using SAS/IntrNet Software

Server-Side Web Programming: Python (Part 1) Copyright 2017 by Robert M. Dondero, Ph.D. Princeton University

CN Assignment I. 1. With an example explain how cookies are used in e-commerce application to improve the performance.

How to Configure Authentication and Access Control (AAA)

An Introduction to JavaScript & Bootstrap Basic concept used in responsive website development Form Validation Creating templates

PHP: Cookies, Sessions, Databases. CS174. Chris Pollett. Sep 24, 2008.

Lecture 9 Server Browser Interactions

Lecture 6 Session Control and User Authentication. INLS 760 Web Databases Spring 2013 Rob Capra

Authentication for Web Services. Ray Miller Systems Development and Support Computing Services, University of Oxford

CNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies

Introductory workshop on PHP-MySQL

Web Search An Application of Information Retrieval Theory

HTTP Reading: Section and COS 461: Computer Networks Spring 2013

How to create secure web sites

Fachgebiet Technische Informatik, Joachim Zumbrägel

Produced by. Mobile Application Development. Higher Diploma in Science in Computer Science. Eamonn de Leastar

COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS. Web Access: HTTP Mehmet KORKMAZ

CSC309: Introduction to Web Programming. Lecture 8

Cookies and S essions 323

Scan Report Executive Summary

Chapter 17 : Internet Publishing

LXXVIII. Session handling functions

Applications & Application-Layer Protocols: The Web & HTTP

WEB TECHNOLOGIES CHAPTER 1

Joomla 3.X Global Settings Part III Server Settings

Web Programming with PHP

Master Syndication Gateway V2. User's Manual. Copyright Bontrager Connection LLC

Mount Saint Mary College, Newburgh, NY Internet Programming III - CIT310

Dynamic Documents. Kent State University Dept. of Math & Computer Science. CS 4/55231 Internet Engineering. What is a Script?

Session 8. Reading and Reference. en.wikipedia.org/wiki/list_of_http_headers. en.wikipedia.org/wiki/http_status_codes

PHP INTERVIEW QUESTION-ANSWERS

Notify End-Users of Proxy Actions

CGI Architecture Diagram. Web browser takes response from web server and displays either the received file or error message.

SmartLink configuration DME Server 3.5

Notes beforehand... For more details: See the (online) presentation program.

HTTP Requests and Header Settings

Forms, CGI. Objectives

Web Programming TL 9. Tutorial. Exercise 1: String Manipulation

Lecture 9a: Sessions and Cookies

CSCI-1680 WWW Rodrigo Fonseca

The 4D Web Companion. David Adams

CSCI-1680 WWW Rodrigo Fonseca

HTTP Review. Carey Williamson Department of Computer Science University of Calgary

Scan Report Executive Summary. Part 2. Component Compliance Summary Component (IP Address, domain, etc.):

CS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.

Alpha College of Engineering and Technology. Question Bank

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address :

Web Services User Guide

The HTTP protocol. Fulvio Corno, Dario Bonino. 08/10/09 http 1

Cross-Site Request Forgery (CSRF) Attack Lab

World Wide Web, etc.

Web Services April 24, 2007

This slide shows the OWASP Top 10 Web Application Security Risks of 2017, which is a list of the currently most dangerous web vulnerabilities in

Web Engineering. Basic Technologies: Protocols and Web Servers. Husni

Web basics: HTTP cookies

Transcription:

What is a Cookie? A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values. How to Create a Cookie? The setcookie() function is used to set a cookie. anote: The setcookie() function must appear BEFORE the tag. Syntax : setcookie(name, value, expire, path, domain); Example 1 In the example below, we will create a cookie named "user" and assign the value "" to it. We also specify that the cookie should expire after one hour: setcookie("user", "", time()+3600);... Note: The value of the cookie is automatically URLencoded when sending the cookie, and automatically decoded when received (to prevent URLencoding, use setrawcookie() instead). Example 2 You can also set the expiration time of the cookie in another way. It may be easier than using seconds. $expire=time()+60*60*24*30; setcookie("user", "", $expire);... In the example above the expiration time is set to a month (60 sec * 60 min * 24 hours * 30 days). How to Retrieve a Cookie Value? The PHP $_COOKIE variable is used to retrieve a cookie value. In the example below, we retrieve the value of the cookie named "user" and display it on a page: // Print a cookie echo $_COOKIE["user"]; // A way to view all cookies print_r($_cookie); In the following example we use the isset() function to find out if a cookie has been set: <body>

if (isset($_cookie["user"])) echo "Welcome ". $_COOKIE["user"]. "!<br />"; else echo "Welcome guest!<br />"; </body> </html> How to Delete a Cookie? When deleting a cookie you should assure that the expiration date is in the past. Delete example: // set the expiration date to one hour ago setcookie("user", "", time()-3600); PHP Session Variables When you are working with an application, you open it, do some changes and then you close it. This is much like a Session. The computer knows who you are. It knows when you start the application and when you end. But on the internet there is one problem: the web server does not know who you are and what you do because the HTTP address doesn't maintain state. A PHP session solves this problem by allowing you to store user information on the server for later use (i.e. username, shopping items, etc). However, session information is temporary and will be deleted after the user has left the website. If you need a permanent storage you may want to store the data in a database. Sessions work by creating a unique id (UID) for each visitor and store variables based on this UID. The UID is either stored in a cookie or is propagated in the URL. Starting a PHP Session Before you can store user information in your PHP session, you must first start up the session. Note: The session_start() function must appear BEFORE the tag: session_start(); <body> </body> </html> The code above will register the user's session with the server, allow you to start saving user information, and assign a UID for that user's session. Storing a Session Variable The correct way to store and retrieve session variables is to use the PHP $_SESSION variable: session_start();

// store session data $_SESSION['views']=1; <body> //retrieve session data echo "Pageviews=". $_SESSION['views']; </body> </html> Output: Pageviews=1 In the example below, we create a simple page-views counter. The isset() function checks if the "views" variable has already been set. If "views" has been set, we can increment our counter. If "views" doesn't exist, we create a "views" variable, and set it to 1: session_start(); if(isset($_session['views'])) $_SESSION['views']=$_SESSION['views']+1; else $_SESSION['views']=1; echo "Views=". $_SESSION['views']; Destroying a Session If you wish to delete some session data, you can use the unset() or the session_destroy() function. The unset() function is used to free the specified session variable: unset($_session['views']); You can also completely destroy the session by calling the session_destroy() function: session_destroy(); Note: session_destroy() will reset your session and you will lose all your stored session data.

$_SERVER variable This array/variable ($_SERVER) is a replacement of deprecated $HTTP_SERVER_VARS variable in PHP, Which allows us to get information about server and Current execution environment of PHP script. This array/variable stores/contains information such as headers, paths, and script locations and is "superglobal" by default. Named Constant 'PHP_SELF' 'argv' 'argc' 'GATEWAY_INTERFACE' 'SERVER_ADDR' 'SERVER_NAME' 'SERVER_SOFTWARE' 'SERVER_PROTOCOL' 'REQUEST_METHOD' Description The Filename of Current PHP Page excluding the hostname from URL i.e. "http://example.com/php/phptest.php" will be "/php/phptest.php" Array of arguments passed to the script. When the script is run on the command line, this gives C-style access to the command line parameters. When called via the GET method, this will contain the query string. Contains the number of command line parameters passed to the script (if run on the command line). What revision of the CGI specification the server is using; i.e. 'CGI/1.1'. The IP address of the server under which the current script is executing. The name of the server host under which the current script is executing. If the script is running on a virtual host, this will be the value defined for that virtual host. Server identification string, given in the headers when responding to requests. Name and revision of the information protocol via which the page was requested; i.e. 'HTTP/1.0'; Which request method was used to access the page; i.e. 'GET', 'HEAD', 'POST', 'PUT'. 'REQUEST_TIME' The timestamp of the start of the request. Available since PHP 5.1.0. 'QUERY_STRING' 'DOCUMENT_ROOT' 'HTTP_ACCEPT' 'HTTP_ACCEPT_CHARSET' 'HTTP_ACCEPT_ENCODING' 'HTTP_ACCEPT_LANGUAGE' The query string, if any, via which the page was accessed. The document root directory under which the current script is executing, as defined in the server's configuration file. Contents of the Accept: header from the current request, if there is one. Contents of the Accept-Charset: header from the current request, if there is one. Example: 'iso-8859-1,*,utf-8'. Contents of the Accept-Encoding: header from the current request, if there is one. Example: 'gzip'. Contents of the Accept-Language: header from the current request, if there is one. Example: 'en'.

Named Constant 'HTTP_CONNECTION' 'HTTP_HOST' 'HTTP_REFERER' 'HTTP_USER_AGENT' 'HTTPS' 'REMOTE_ADDR' 'REMOTE_HOST' 'REMOTE_PORT' 'SCRIPT_FILENAME' 'SERVER_ADMIN' 'SERVER_PORT' 'SERVER_SIGNATURE' 'PATH_TRANSLATED' 'SCRIPT_NAME' 'REQUEST_URI' 'PHP_AUTH_DIGEST' 'PHP_AUTH_USER' Description Contents of the Connection: header from the current request, if there is one. Example: 'Keep-Alive'. Contents of the Host: header from the current request, if there is one. The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted. Contents of the User-Agent: header from the current request, if there is one. Set to a non-empty value if the script was queried through the HTTPS protocol. The IP address from which the user is viewing the current page. The Host name from which the user is viewing the current page. The reverse dns lookup is based off the REMOTE_ADDR of the user. The port being used on the user's machine to communicate with the web server. The absolute pathname of the currently executing script. The value given to the SERVER_ADMIN (for Apache) directive in the web server configuration file. If the script is running on a virtual host, this will be the value defined for that virtual host. The port on the server machine being used by the web server for communication. For default setups, this will be '80'; using SSL, for instance, will change this to whatever your defined secure HTTP port is. String containing the server version and virtual host name which are added to server-generated pages, if enabled. Filesystem- (not document root-) based path to the current script, after the server has done any virtual-to-real mapping. Contains the current script's path. This is useful for pages which need to point to themselves. The FILE constant contains the full path and filename of the current (i.e. included) file. The URI which was given in order to access this page; for instance, '/index.html'. When doing Digest HTTP authentication this variable is set to the 'Authorization' header sent by the client (which you should then use to make the appropriate validation). When doing HTTP authentication this variable is set to the username provided by the user.

Named Constant 'PHP_AUTH_PW' 'AUTH_TYPE' 'PATH_INFO' 'ORIG_PATH_INFO' Description When doing HTTP authentication this variable is set to the password provided by the user. When doing HTTP authenticated this variable is set to the authentication type. if the current script was accessed via the URL http://www.example.com/php/path_info.php/some/stuff?foo=bar, then $_SERVER['PATH_INFO'] would contain /some/stuff. Original version of 'PATH_INFO' before processed by PHP. Example : if you're running PHP script shown below on your own computer i.e. on server installed in your computer, then, it will output "localhost" or "127.0.0.1". echo $_SERVER['SERVER_NAME']; /*Above PHP statement will output The Domain Name on which you're running this PHP script, for example: www.example.com */ Example 2 PHP Code to Print All Data of $_SERVER into Tabular Format echo '<table border="1">'; foreach ($_SERVER as $k => $v){ echo "<tr><td>". $k."</td><td>". $v. "</td></tr>"; } echo "</table>"

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback