LIS651 lecture 4

1
LIS651 lecture 4

• Thomas Krichel
• 2005-04-15

2
today

• sessions

3
sessions

• You will recall that HTTP is a stateless
  protocol. Each request/response is
  self-contained.
• Statefulness is crucial in Web applications.
  Otherwise users have to authenticate every time
  they access a new page.
• Traditionally, one way to create statefullness is
  to use cookies.
• PHP uses cookies to create a concept of its own,
  sessions, that makes it all very easy.

4
cookies

• A cookie is a piece of attribute/value data. A
  server can send cookies as value of a HTTP header
  Set-Cookie. Multiple headers may be sent.
• When the client visits the web site again, it
  will send the cookie back to the server with a
  HTTP header Cookie

5
Set-Cookie

• Set-Cookie namevalue expiresdate
  pathpath domaindomain secure
• where
• name is the variable name set in the cookie
• value is the variable's value
• date is a date when the cookie expires
• path restricts the cookie to be sent only when
  requests to a path starting with path are made
• domain restricts the sending of the cookie to a
  certain domain
• secure restricts transmission to https

6
Cookies

• The browser compares the request it wants to make
  with the URL and the domain that sent the cookie.
• If the path is not set the cookie will only be
  sent to a request with the originating URL.
• If the cookie matches the request a request
  header of the form
• Cookie name1value1 name2value2
• is sent.

7
sessions

• Sessions are a feature of PHP. PHP remembers a
  session through a special cookie PHPSESSID.
• To activate the sessions, include
  session_start() at the beginning of your script,
  before any printing has been done.
• One a session is active, you have a special
  super-global variable _SESSION. Session data is
  stored in special files on wotan.

8
_SESSION

• This is an array where you can read and set
  variables that you want to keep during the
  session.
• if(_SESSIONuser_name)
• print "welcome _SESSIONuser_name"
• else
• // show users login form
• print login_form()

9
ending sessions

• At 9 and 39 past each hour, wotan deletes all
  session files that have not been changed for 24
  minutes or more.
• If you want to remove a session yourself, you can
  call session_destroy() in your script.

10
visit.php

• lt?php
• top'lt!DOCTYPE html PUBLIC "-//W3C//DTD XHTML
  1.0 Strict//EN"
• "http//www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd
  "gt
• lthtmlgtltheadgtlttitlegtlt/titlegtltmeta
  http-equiv"content-type"
• content"text/html charsetUTF-8"/gt
• lt/headgtltbodygtltdivgt'
• bottom'lt/divgtltpgt
• lta href"http//validator.w3.org/check?urireferer
  "gt
• ltimg style"border 0pt" src"/valid-xhtml10.png"
• alt"Valid XHTML 1.0!" height"31"
  width"88" /gt
• lt/agtlt/pgtlt/bodygtlt/htmlgt'

11
visit.php

• session_start()
• currentmktime() // look at the current time
• if(_SESSIONlast_click)
• passedcurrent-_SESSIONlast_click
• to_print."passed seconds have passed since
  your last visit.\n"
• _SESSIONlast_clickcurrent
• else
• to_print"This is your first visit.\n"
• _SESSIONlast_clickcurrent
• print "top\nto_print\nbottom"
• ?gt

12
http//openlib.org/home/krichel

• Thank you for your attention!