Session Management in PHP Session 18 Review - I    Websites use cookies to store user-specific information Cookies are stored on the Web browser’s hard disks PHP provides three ways of retrieving a cookie value:    Passing a variable as cookie name Using $_COOKIE[] Using $HTTP_COOKIE_VARS[] PHP / Session 18 / Slide of 27 Review - II  Drawbacks of cookies:      Cookies cannot contain more than a certain amount of information Only a maximum of 20 cookies of a domain can be maintained A browser can maintain a maximum of 300 cookies Some users disable cookies while accessing websites Storing large number of cookie files slows down the computer PHP / Session 18 / Slide of 27 Objectives  Define a session  Work with the session  Start the session  Register the session  End the session  Work with the php.ini file PHP / Session 18 / Slide of 27 Sessions     Refers to the time the user a particular Web site Enable Web sites to store user requests and information on the Web Enable distinguishing the user specific information during the life of the session Session life refers to the total time a user spends on the Web site PHP / Session 18 / Slide of 27 Traditional Transfer of Data  Web sites traditionally use two methods to pass user information from one script to another, such as:   GET POST PHP / Session 18 / Slide of 27 Using Cookies to Transfer Data  Enable us to store data into a variable and access it across all the pages of the Web site PHP / Session 18 / Slide of 27 Difference between Cookies and Sessions Cookies Sessions Stores user information on Stores user information on the client system the Web server Available even after the Destroyed when the user user exits the Web browser exits the Web browser Users can disable cookies Users cannot disable sessions Have size limits Do not have size limits PHP / Session 18 / Slide of 27 Working with Sessions - I    Session commences when a user accesses the session-enabled Web site Web server assigns a unique session ID to each user when the user starts a session Scripts store and access user information through the session ID PHP / Session 18 / Slide of 27 Working with Sessions - II PHP / Session 18 / Slide 10 of 27 Session Files      Created when a new session starts Created on a Web server Created in the /tmp directory File name based on unique session identifier value that PHP engine generates File naming convention: sess_ PHP / Session 18 / Slide 13 of 27 session_start() Function   Must be specified on the top of every Web page or before the start of the actual coding Always returns True PHP / Session 18 / Slide 14 of 27 session_start()Example Example  Example echo “Welcome to Shoppers Paradise”;  PHP / Session 18 / Slide 15 of 27 Registering the Session Variable   Session variables need to be registered with the session library to work with the sessions across all the Web pages Session library enables:    Creation Serialization Storage of session data PHP / Session 18 / Slide 16 of 27 Methods to Set Session Variable    $_SESSION[] - Recommended for PHP 4.1.0 $HTTP_SESSION_VARS[] - Recommended for PHP 4.0.6 or less session_register() - Not recommended as it has deprecated PHP / Session 18 / Slide 17 of 27 Ending a Session  session_destroy() function used to end a session  Removes the session file from the system  $PHPSESID cookie is not removed from the Web browser PHP / Session 18 / Slide 18 of 27 Working with php.ini File - I  PHP interpreter works according to the specifications made in the php.ini file  Located under the /usr/local/php4/lib directory PHP / Session 18 / Slide 19 of 27 Options in php.ini File - I  Language Options    Safe Mode   Performs a UID compare check when opening files Font Colors   Enables PHP scripting language engine under Apache Allows ASP style tags Indicates the colors that PHP uses for highlighting syntax Misc  Indicates whether or not PHP discloses the fact that it is installed on the server PHP / Session 18 / Slide 20 of 27 Options in php.ini File - II  Resource Limits    Error handling and logging     Indicates the maximum time for script execution Indicates the maximum amount of memory a script requires Reports all errors and warnings Reports fatal compile time errors Reports fatal run-time errors Data Handling  Controls list of separators used in PHP generated URLs to separate arguments PHP / Session 18 / Slide 21 of 27 Options in php.ini File - III  Magic Quotes    Path and Directories   Sets magic quotes for incoming Get, Post, Cookie data Uses Sybase style magic quotes Specifies the name of the directory under which PHP opens the script File Uploads   Indicates whether or not to allow HTTP file uploads Indicates the maximum allowed size for upload files PHP / Session 18 / Slide 22 of 27 Options in Session Category - I Options Description session.save_handler Specifies how PHP stores and retrieves session variable session.save_path Specifies the name of the directory where the session files will be stored session.use_cookies Indicates whether PHP must send session ID to the Web browser through a cookie session.use_only_cookies Indicates whether the modules can use only cookies for storing session IDs PHP / Session 18 / Slide 23 of 27 Options in Session Category - II Options Description session.cookie_lifetime Specifies the lifetime of the cookie session.name Manages the cookie name and form attributes such as GET and POST that holds the session ID session.auto_start Enables sessions to automatically initialize if the session ID is not found in the browser request session.cookie_secure Specifies whether or not the cookies must be sent over secured connections PHP / Session 18 / Slide 24 of 27 Summary - I     Cookies provide us with the functionality of storing temporary Web user information Sessions enable PHP store user information on the Web server Sessions enable Web sites store user requests and information on the Web Lifecycle of Session:    Starting a session Registering a session variable Ending a session PHP / Session 18 / Slide 25 of 27 Summary - II   session_start() function enables to start a session Session library enables:     Creation Serialization Storage of session data Methods to set session varaible    $_SESSION[] $HTTP_SESSION_VARS[] session_register() PHP / Session 18 / Slide 26 of 27 Summary - III    session_destroy() function used to end a session php.ini file located under the /usr/local/php4/lib directory Some options in php.ini file:      Language Options Safe Mode Font Colors Error handling and logging File Uploads PHP / Session 18 / Slide 27 of 27 [...]...Lifecycle of Sessions    Starting the session Registering the session variable Ending the session PHP / Session 18 / Slide 11 of 27 Starting a Session    Also called as initializing a session Session starts when a user logs on to the Web site session_ start() function enables to start a session PHP / Session 18 / Slide 12 of 27 Session Files      Created when a new session starts Created... browser PHP / Session 18 / Slide 18 of 27 Working with php. ini File - I  PHP interpreter works according to the specifications made in the php. ini file  Located under the /usr/local /php4 /lib directory PHP / Session 18 / Slide 19 of 27 Options in php. ini File - I  Language Options    Safe Mode   Performs a UID compare check when opening files Font Colors   Enables PHP scripting language engine... Storage of session data PHP / Session 18 / Slide 16 of 27 Methods to Set Session Variable    $ _SESSION[ ] - Recommended for PHP 4.1.0 $HTTP _SESSION_ VARS[] - Recommended for PHP 4.0.6 or less session_ register() - Not recommended as it has deprecated PHP / Session 18 / Slide 17 of 27 Ending a Session  session_ destroy() function used to end a session  Removes the session file from the system  $PHPSESID... server Sessions enable Web sites store user requests and information on the Web Lifecycle of Session:    Starting a session Registering a session variable Ending a session PHP / Session 18 / Slide 25 of 27 Summary - II   session_ start() function enables to start a session Session library enables:     Creation Serialization Storage of session data Methods to set session varaible    $ _SESSION[ ]... varaible    $ _SESSION[ ] $HTTP _SESSION_ VARS[] session_ register() PHP / Session 18 / Slide 26 of 27 Summary - III    session_ destroy() function used to end a session php. ini file located under the /usr/local /php4 /lib directory Some options in php. ini file:      Language Options Safe Mode Font Colors Error handling and logging File Uploads PHP / Session 18 / Slide 27 of 27 ... session_ start()Example Example 1  < ?php session_ start(); echo “The Session id is ” session_ id(); ?> Example 2 echo “Welcome to Shoppers Paradise”; < ?php session_ start(); echo “The Session id is ” session_ id(); ?>  PHP / Session 18 / Slide 15 of 27 Registering the Session Variable   Session variables need to be registered with the session library to work with the sessions across all the Web pages Session library enables:... engine under Apache Allows ASP style tags Indicates the colors that PHP uses for highlighting syntax Misc  Indicates whether or not PHP discloses the fact that it is installed on the server PHP / Session 18 / Slide 20 of 27 Options in php. ini File - II  Resource Limits    Error handling and logging     Indicates the maximum time for script execution Indicates the maximum amount of memory a... Created in the /tmp directory File name based on unique session identifier value that PHP engine generates File naming convention: sess_ PHP / Session 18 / Slide 13 of 27 session_ start() Function   Must be specified on the top of every Web page or before the start of the actual coding Always returns True PHP / Session 18 / Slide 14 of 27 session_ start()Example Example 1  < ?php. .. the session ID session. auto_start Enables sessions to automatically initialize if the session ID is not found in the browser request session. cookie_secure Specifies whether or not the cookies must be sent over secured connections PHP / Session 18 / Slide 24 of 27 Summary - I     Cookies provide us with the functionality of storing temporary Web user information Sessions enable PHP store user information... files will be stored session. use_cookies Indicates whether PHP must send session ID to the Web browser through a cookie session. use_only_cookies Indicates whether the modules can use only cookies for storing session IDs PHP / Session 18 / Slide 23 of 27 Options in Session Category - II Options Description session. cookie_lifetime Specifies the lifetime of the cookie session. name Manages the cookie name