Cookies and Sessions.

Often a web site designer wants the site to remember small bits of information about the users who visit it. This information can be as simple as a stored password, or favorite settings on a web application. The two most common ways to store this information are cookies and sessions.

Both cookies and sessions are convenient in that the user doesn't need to do anything to use them. However, both require some setting up by the site developer, and may not work for all users.

Cookies are probably the most common method to retain information on a user. Here is how a cookie works:

The first time a user visits a website, the site will assign the browser a small file called a cookie. This file normally contains a name and a small piece of information determined by the site developer. This may simply be a marker to show that the user has visited the site before, or perhaps the user name for a login prompt. The next time the user visits the site, the browser will send the file, or cookie, along with the page request. The web site will frequently have some PHP code to execute, using the data found in the cookie.

It's important to know that cookies have their shortcomings. Most browsers limit the number of cookies they will hold, and may limit the number coming from a particular site. Some users will periodically remove cookies or disable them entirely, making portions of the site that rely on them inoperative. Cookies can sometimes be insecure, making them a bad choice for storing sensitive data, such as passwords or credit cards.

To deal with the problems of cookies, we also have what are called sessions to store data. While cookies are stored in the user's browser, sessions are stored on the web server. Sessions can also store a lot more information than a cookie.

Examples on the implementation of cookies and sessions:

Both cookies and sessions need to be initiated before any page content is sent to the browser, because they are set in the HTTP headers; otherwise PHP will throw an error.

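// Store the value of $var under the cookie name 'name'; it expires one hour from now.
setcookie('name', $var, time() + 3600);
// $_COOKIE holds only the cookies sent with this request, so a first-time visitor has none yet.
if (!isset($_COOKIE['name'])) {
    echo 'You do not have a cookie yet!';
}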

This will set up all users with a cookie once they visit the site. It will contain the value of $var, and it will last 1 hour (3600 seconds is one hour, and time() is the current time, in seconds since the Unix epoch). Later in the HTML document, you can write PHP code to alter the value of $var.

For a session, we do:

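// Resume the session that matches this request, or create a new one.
session_start();
// On a new session, create the array that will hold this user's data.
if (!isset($_SESSION['name'])) {
    $_SESSION['name'] = array();
}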

This code will check for a session stored on the server that corresponds to the user making the page request. If no match is found, the server will assign the user its own session, along with the session's array to store data. The developer can later write code to assign data into the array, such as passwords, or web site settings.
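
The cookie and session set-up described above, with the cookie attributes restricted and a check for the "before any page content" rule. This is an added example, not code from the original page or its reference. It assumes PHP 7.3 or later and a site served over HTTPS; the helper names set_pref_cookie, start_secure_session and on_login and the 'theme' cookie are hypothetical.

```php
<?php
// Requires PHP 7.3+ for the options-array forms used below.
// Hypothetical helper: set a cookie with restrictive attributes.
function set_pref_cookie(string $name, string $value, int $ttl = 3600): bool
{
    // Cookies travel in HTTP headers, so this fails once output has started.
    if (headers_sent($file, $line)) {
        error_log("Cannot set cookie; output started at $file:$line");
        return false;
    }
    return setcookie($name, $value, [
        'expires'  => time() + $ttl, // absolute Unix timestamp
        'path'     => '/',
        'secure'   => true,          // only sent over HTTPS
        'httponly' => true,          // not readable from JavaScript
        'samesite' => 'Lax',         // not sent on cross-site subrequests
    ]);
}

// Hypothetical helper: start a session whose ID cookie is equally restricted.
function start_secure_session(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;                      // already started on this request
    }
    session_set_cookie_params([
        'lifetime' => 0,             // dropped when the browser closes
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
    session_start();
    if (!isset($_SESSION['name'])) {
        $_SESSION['name'] = [];      // same array the page's example creates
    }
}

// Hypothetical helper: call right after a successful login.
function on_login(string $username): void
{
    session_regenerate_id(true);     // new ID, old session data deleted
    $_SESSION['name']['user'] = $username;
}

start_secure_session();
set_pref_cookie('theme', 'dark');    // constructed sample value
```

Only the session ID reaches the browser here; the data in $_SESSION stays on the server, which is the difference between the two mechanisms described above.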

References: Build Your Own Database Driven Website, Kevin Yank.

© 2009, Jonathan Dunstan, All Rights Reserved.