PHP and Sessions Session a general definition n

PHP and Sessions

Session – a general definition n The GENERAL definition of a session in the “COMPUTER WORLD” is: n q The interactions (requests and responses) that take place between 2 computers during a set period of time. There are many kinds of sessions in the “Computer World” that even you have experienced. n n n ssh / telnet session sftp session Session between your app and a server –like a Bank of America App that communicates with the Bank server

Session – a web definition n When we think about Sessions in terms of Web Systems we add to the general definition n The interactions (requests and responses) that take place between 2 computers during a set period of time. PLUS, we typically store data (persistence) between these requests and response. This data will go away once the session is ended. Languages built for the web (or that are useful for the web) will have built-in code to handle Web Sessions

PHP Sessions n In PHP, we have the ability to: q q q n Start a session Grab existing session Add data ‘to” a session Remove data “from” a session Set the lifetime of a session Destroy (kill/end) a session A PHP session variable is used to store information about, or change settings for a user session.

PHP Sessions n In PHP, we have a special pre-defined array we can use to store session data in: q $_SESSION[] n n This is an associative array (key to values) where $_SESSION[‘the_name’] is the data value associated with the key ‘the_name’…. .

PHP Sessions n n Remember our Session data holds information about one single user (client) during its session with another computer (server) By default (though you can alter this), any php program served from the same Server and base URL has access to the same $_SESSION[] data. n So if you have a cart. php and a processorder. php both coming from you account in puzzle –they have access to the same $_SESSION[] data with the client invoking those php programs.

PHP Sessions n session_start() n Before you can store user information in your PHP session, you must first start up the session. n n NOTE: this function will create a new session if none exists between the client and server OR if one exists will “grab” the session and populate $_SESSION[] array --- THIS IS DONE FOR YOU by the PHP interpreter/Apache server. The session_start() function must appear BEFORE the <html> tag

PHP Sessions n $_SESSION['views']=1; n if(isset($_SESSION['views'])) $_SESSION['views']=$_SESSION['views']+1; else $_SESSION['views']=1; echo "Views=". $_SESSION['views'];

Example --- See our website <? php session_start(); //if session variable already exists then increment it by 1 //else set to 1 if(isset($_SESSION['views'])) $_SESSION['views'] = $_SESSION['views']+ 1; else $_SESSION['views'] = 1; echo "views = ". $_SESSION['views']; ? >

Example --- See our website <? php session_start(); // store session data $_SESSION['views'] = 1; //retrieve data echo "Pageviews = ". $_SESSION['views']; ? >

Example 2 --- See our website – VIEWS Counter <? php session_start(); Hit it 2 times //if session variable already exists then increment it by 1 //else set to 1 if(isset($_SESSION['views'])) $_SESSION['views'] = $_SESSION['views']+ 1; else $_SESSION['views'] = 1; echo "views = ". $_SESSION['views']; ? > Hit it 3 times

PHP Sessions – removing data n n unset($_SESSION['views']); The unset() function is used to free the specified session variable <? php session_start(); //removes session variable cart if it exists if(isset($_SESSION['cart'])) unset($_SESSION['cart']); ? >

PHP Sessions --destroying (killing) n n session_destroy(); will reset your session and you will lose all your stored session data. <? php session_start(); //intermediate code //. . . //ready to destory session_destroy(); ? >

Another page visit example

visit. php <? php session_start(); $current=time(); // look at the current time if($_SESSION[last_click]) { $passed=$current-$_SESSION[‘last_click’]; $to_print. ="$passed seconds have passed since your last visit. n"; $_SESSION[‘last_click’]=$current; } else { FIRST TIME: $to_print="This is your first visit. n"; Your Visit Status This is your first visit. $_SESSION[‘last_click’]=$current; Thank you and please return } print "$topn$to_printn$bottom"; SECOND TIME ? > Your Visit Status 43 seconds have passed since your last visit. Thank you and please return

Did you know…. YOU CAN ALSO STORE INFORMATION ON THE CLIENT CALLED COOKIES THAT IS AUTOMATICALLY SENT TO SERVER WHEN CLIENT REREQUESTS THAT SERVER

This is how Amazon knows your name n See it knows about “Behzad’s Amazon”

Cookies n Cookies are (name, value) pairs that are stored in the Client machine (in our case the client SW is a browser and it does this storing for you in a file) that is persistent –and it is returned to the Server everytime you go back to same URL/Server.

cookies n n A cookie is a piece of attribute/value data. A server can send cookies as value of a HTTP header Set-Cookie: . Multiple headers may be sent. When the client visits the web site again, it will send the cookie back to the server with a HTTP header Cookie:

Set-Cookie n n Set-Cookie: name=value; [expires= date; ] [path=path; ] [domain= domain] [secure] where q q q name= is the variable name set in the cookie value= is the variable's value date= is a date when the cookie expires path= restricts the cookie to be sent only when requests to a path starting with path are made domain= restricts the sending of the cookie to a certain domain secure restricts transmission to https

Cookies: The browser compares the request it wants to make with the URL and the domain that sent the cookie. n If the path is not set the cookie will only be sent to a request with the originating URL. n If the cookie matches the request a request header of the form Cookie: name 1=value 1 ; name 2=value 2 is sent. n

PHP and Cookies n Cookies in PHP are fairly easy to use: q setcookie() function is called to create a cookie that will be sent to the client n n See http: //php. net/manual/en/function. setcookie. php As always with cookies, they must be sent with the http header q q Thus, you should determine and set any cookies in PHP mode prior to using any html (or even simple text) $_COOKIE array contains the cookies received back from the client machine n n Cookies sent to client by server previously Associative array allows access of cookies by name 22

Confused --- Sessions and Cookies