7_PHP_II_COMP3322B_s2019.pdf - COMP 3322B Modern Technologies on World Wide Web 2nd semester 2018-2019 PHP Part II(O2 Dr C Wu Department of Computer

7_PHP_II_COMP3322B_s2019.pdf - COMP 3322B Modern...

This preview shows page 1 out of 32 pages.

You've reached the end of your free preview.

Want to read all 32 pages?

Unformatted text preview: COMP 3322B Modern Technologies on World Wide Web 2nd semester 2018-2019 PHP - Part II (O2) Dr. C Wu Department of Computer Science The University of Hong Kong Cookies and sessions Motivation: HTTP is a stateless protocol — requesting each page is an independent action. How to make the server remember the state of a client across his/her multiple page accesses? Example state information: login information, shopping cart content, etc. same URL: before login after login Cookies and sessions Cookies: key/value pairs (variable/value) maintained by browsers E.g., manage cookies on Chrome: Preferences=>Settings=>Advanced =>Content Settings=>Cookies Sessions: key/value pairs (variable/value) maintained on the server, like server-side cookies Step 1. The server sends the cookie to the Step 1. The server client. Cookies Step 1. The server sends the cookie to the client. Step 1. The server sends the cookie to the client. How cookie works: the server sets the cookie and sends it to the client 3. The cookie’s variable and value is generated and send to the client. 1. 1. Client Client requests requests for a web page (say, web page requests (say, a.php). 1. Client for a web page (say, a.php). 1. Client requests for a 4.4.Client Client(browser) (browser) loginName=Kit&loginPassword=xx web page (say, a.php). stores and maintain stores and(browser) maintain 4. Client the cookie variable. the cookie variable. stores and maintain 4. Client (browser) the cookie variable. storesKey and maintain Key Values Value theloginName cookie Key variable. Value loginName Kit Kit Value Key 4. Client (browser) stores and maintain the cookie variable. 1. Client requests for a web page (say, a.php). 2. The web page contains server side processing cod which indicates setting of cookie variable. variable Cookies stored in the client machine cookies stored on the client from i.cs.hku.hk Kit … loginName … setcookie("loginName", "K … … … Cookies stored in the client machine 2. The web page contains server code, 2. Theside webprocessing page contains which setting of a serverindicates side processing code, 2. The variable. web page contains cookie variable which indicates setting of a server side processing code, cookie variable. variable …which indicates setting of a "Kit",…) cookie variable. variable setcookie("loginName", … …setcookie("loginName", "Kit",…) …… Code in a.php indicates create a cookie 3. The The cookie’s cookie’s variable 3. cookie Code in a.php indicates to create a variable in the client machine. setcookie("loginName", "Kit",…) and value is generated generated machine. and value is and 3. The cookie’s variable cookie variable on the client side Code in a.php indicates create a cookie … send to theis client. send to the client. variable in the client machine. and value generated and 29 29 and value are generated and 3.send The to cookie’s variable the client. sent to the client HTTP/1.1 200 OK Code in a.php indicates create a cookie 29 variable in the client machine. and value is generated and .... send to the client. Set-Cookie: loginName=Kit 2 … Code in a.php indicates create a co variable in the client machine. loginName …… ……Kit Key Value … Cookiesstored stored… theclient clientmachine machine Cookies ininthe loginName Kit Cookies stored in the client machine POST /~c0322/a.php HTTP/1.1 Host : i.cs.hku.hk .... Step 1. The server sends the cookie to the client. …. <!DOCTYPE html> … How does cookie wor Cookies Stdoes 2 2. Each E h time ti cookie th the same computer t requests t a HowStep work? St 2 Step 2. Each E h time ti th the same computer t reque page with a browser, it will send the cookie to the How cookie works (cont’d): each time the same browser requests a pageitwith a browser, will page on the same server, will send the cookieitto thesend serverthe cookie t server. server server. server 2. The cookiescomputer set previously St 2 Step 2. Each E h time ti th the same t requests t a Key setValue 2. The cookies previously are sent together with the Key Value loginName Kit are sent together with the page with a browser, itrequest will send the cookie to the loginName Kit HTTP to the server. HTTP request to the server. server. server 1. Client requests for request for POST /~c0322/b.php HTTP/1.1 2. 1. The cookies set previously Client request for another page (say, b.php) are sent together with the on the same server. another page (say, b.php) HTTP request the server. on the sametoserver. Key Value lient request for loginName Kit ther page (say, b.php) … … he same server. Cookies stored in the client machine cookies stored on the client from i.cs.hku.hk Key Value oginName Kit … … stored in the client machine Key Value loginName Kit … … Cookies stored in the client machine Key Host : i.cs.hku.hk Value 3. Codes in b.php can use the .... loginName Kit 3. Codes cookie variables previously set byin b.p Cookie: loginName=Kit cookie variable a.php. .... a.php. … 3. Codes$_COOKIE['loginName'] b.php can use the …… $ inCOOKIE['loginName'] cookie variables previously set$_COOKIE['login … $byCOOKIE['login a.php. Codes in b.php … 30 Code … $ COOKIE['loginName'] … $_COOKIE['loginName'] … Codes in b.php 30 PHP Cookies cookies in PHP Cookies in PHP To declare the use of a cookie variable: To declare the use of a cookie variable: Cookies in PHP cookie expire *me); setcookie("variableName", "variableValue", cookie valid time); To declare the use of a cookie variable: setcookie("variableName", "variableValue", cookie valid time); To access the value of cookie variable: To declare the use of a cookie variable: To retrieve the value of a cookie variable: $ of COOKIE[" i bl Ncookie "] valid time); setcookie("variableName", "variableValue", To access the value$_COOKIE["variableName"] cookie variable: $ COOKIE[" $_COOKIE["variableName"] i bl Nvariable: "] in the client browser: To check if a cookie is declared To access the value of cookie To check if a $_COOKIE["variableName"] is declared isset($_COOKIE["variableName"]) $cookie COOKIE[" i bl Nin the "] client browser: To check if a cookie has been set: isset($_COOKIE["variableName"]) To check if a cookie is To unset a cookie ki declared variable, i bl in just jthe client set the hbrowser: cookie ki expire i time to be 31 To unset aisset($_COOKIE["variableName"]) cookie ki anytime variable, i bl in just j thesetpast. the h cookie ki expire i time to be anytime in the past. 31 To unset a cookie ki variable, i bl just j set the h cookie ki expire i To unset a cookie variable, just set the cookie expiration time to be anytime in the past. 31 time to be anytime in the past Example 4 (processLogin.php) ... <? $user_name[0]="Kit"; $user_password[0]='password'; $user_account_balance[0]= 1000; $user_name[1]="Bobby"; $user_password[1]="password2"; $user_account_balance[1]= 2000; $user_name[2]="Harry"; $user_password[2]="password3"; $user_account_balance[2]= 3000; ... Example 4 (processLogin.php) if (in_array($_POST["loginName"], $user_name)) { $key = array_search($_POST["loginName"], $user_name); if ($user_password[$key]==$_POST["loginPassword"]) { setcookie("userName", $user_name[$key], *me()+3600); print "Login correct!<br>"; print "Name :".$user_name[$key]."<br>"; print "Account balance:".$user_account_balance [$key]."<br>"; }else print "Login failure!”; }else { print "No such user!"; } print "<br><a href='login.php'>Back to login page</a>"; ?> setcookie() Set a cookie variable named “userName”, value is the value of variable $user_name[$key] The cookie will expire in 3600 seconds The setcookie() function should usually appear BEFORE printing any html content if we use ob_start(); at the beginning and ob_end_flush(); at the end of the PHP file, HTML content can be printed before setcookie(..); Example 4 (login.php) Example 5 (login.php) (login php) <!DOCTYPE HTML PUBLIC " //W3C//DTD HTML 4.01 Transitional//EN" <!DOCTYPE html> " ; <html> Check if a cookie is set before <head> <title>Login page</title> If the cookie “userName” is </head> not set, then we display the <body> login form. <? if (!isset($_COOKIE["userName"]) ){ print '<form action="processLogin.php" method="post">'; print 'Login Login name <input type type="text" text name name="loginName" loginName /> />';; print 'Password <input type="password" name="loginPassword" />'; print '<input type="submit" />'; print '</form>'; } ?> </body> </html> 34 Example 4 (login.php) Example 5 (login.php) (login php) <!DOCTYPE HTML PUBLIC " //W3C//DTD HTML 4.01 Transitional//EN" <!DOCTYPE html> " ; <html> <head> <title>Login page</title> </head> <body> <? if (!isset($_COOKIE["userName"]) ){ print '<form action="processLogin.php" method="post">'; print 'Login Login name <input type="text" type text name name="loginName" loginName /> />';; print 'Password <input type="password" name="loginPassword" />'; print '<input type="submit" />'; print '</form>'; }else{ A i cookie ki variable i bl Accessing print "Hello! Welcome ".$_COOKIE["userName"]; print "<br />"; $_COOKIE['variableName'] print "<a href='logout.php'>Logout</a>"; } can access the variable set ?> previously. </body> 35 </html> Example 4 (logout.php) <? setcookie("userName", "", *me()-3600); print "<p>You have logged out.</p>"; print "<a href='login.php'>Back to login page</a>"; ?> Unset cookie variable Just set the expiration time to a previous time Client-server interaction (retrieving login.php) Step 1. The server sends the cookie to the client. 2. Server runs login.php 3. The cookie’s variable and value is generated and send to the client. <!DOCTYPE html> <html> <head>
 <etle>Login page</etle> </head> 2. The web page contains <body> <?
 server side processing code, if (!isset($_COOKIE["userName"]) ){ which indicates setting of a print '<form aceon="processLogin.php" method="post">';
 cookie variable. variable print 'Login name <input type="text" name="loginName" >';
 print 'Password <input type="password" … name="loginPassword">'; print '<input type="submit">';
 setcookie("loginName", "Kit",…) print '</form>'; }else{
 … print "Hello! Welcome ".$_COOKIE["userName"]; 3. The cookie’s variable Code in a.php indicates create a cookie print "<br>"; variable in the client machine. and value is generated and print “<a href=“logout.php”>Logout</a>"; 3. HTTP response sent to client } send to the client. 29 ?> HTTP/1.1 200 OK </body> …. </html> Harry ********* 1. Client requests for a web page (say, a.php). Cookies stored in the client machine login.php 4. Client (browser) stores and maintain the cookie variable. 2. The web page contains server side processing cod which indicates setting of cookie variable. variable … Value … 4. Client browser display of login.php Key Kit Kit loginName loginName … setcookie("loginName", "K … Value … Key … Code in a.php indicates create a co variable in the client machine. 4. Client (browser) stores and maintain the cookie variable. Cookies stored in the client machine GET /~c0322/login.php HTTP/1.1 1. Client requests for a Host : i.cs.hku.hk login.php web page (say, a.php). .... <!DOCTYPE html> … <form aceon="processLogin.php" method=“post"> … Step 1. The server sends the cookie to the client. Client-server interaction (retrieving processLogin.php) Step 1. The server sends the cookie to the client. 6. Server runs processLogin.php Kit Value Key 4. Client (browser) stores and maintain the cookie variable. 2. The web page contains server side processing cod which indicates setting of cookie variable. variable 3. The cookie’s variable 7. HTTP response sent and value is generated and to client send to the client. 1. Client requests for a web page (say, a.php). Cookies stored in the client machine loginName … setcookie("loginName", "K … Value loginName Kit 8. Client browser display of processLogin.php … … … Key … Code in a.php indicates create a co variable in the client machine. 4. Client (browser) stores and maintain the cookie variable. <? …. if (in_array($_POST["loginName"], $user_name)) { $key = array_search($_POST["loginName"], $user_name); 2. The web page contains if ($user_password[$key]==$_POST["loginPassword"]) { server side processing code, setcookie("userName", $user_name[$key], *me()+3600); which indicates setting of a print "Login correct!<br>"; print "Name :".$user_name[$key]."<br>"; cookie variable. variable print "Account balance:".$user_account_balance [$key]."<br>"; }else …print "Login failure!”; }else setcookie("loginName", "Kit",…) { … print "No such user!"; } Code in a.php indicates create a cookie print "<br><a href='login.php'>Back to login page</a>"; variable in the client machine. ?> 29 Cookies stored in the client machine 3. The cookie’s variable and value is generated and send to the client. POST /~c0322/processLogin.php HTTP/1.1 5. Client requests for 1. Client requests for a processLogin.php Host : i.cs.hku.hk login.php web page (say, a.php). .... HTTP/1.1 200 OK …. Set-Cookie: userName=Harry; Expires=Fri, 4 Jan 2019 12:45:15 GMT …. Step 1. The server sends the cookie to the client. Login correct!<br> Name: Harry<br> Account balance: 3000<br> <br><a href='login.php'>Back to login page</a> Client-server interaction (retrieving login.php again) Step 1. The server sends the cookie to the client. 10. Server runs login.php … 4. Client (browser) stores and maintain the cookie variable. 2. The web page contains server side processing co which indicates setting of cookie variable. variable … 12. Client browser display of login.php 3. The cookie’s variable 11. HTTP response sent and value is generated and to client send to the client. 1. Client requests for a web page (say, a.php). Cookies stored in the client machine Value Kit Key loginName Kit Value loginName … setcookie("loginName", " … Key … Code in a.php indicates create a c variable in the client machin 4. Client (browser) stores and maintain the cookie variable. … 3. The cookie’s variable and value is generated and send to the client. 9. Client requests for a 1. login.php again web page (say, a.php). <!DOCTYPE html> <html> <head>
 <etle>Login page</etle> </head> 2. The web page contains <body> <?
 server side processing code, if (!isset($_COOKIE["userName"]) ){ which indicates setting of a print '<form aceon="processLogin.php" method="post">';
 cookie variable. variable print 'Login name <input type="text" name="loginName" >';
 print 'Password <input type="password" … name="loginPassword">'; print '<input type="submit">';
 setcookie("loginName", "Kit",…) print '</form>'; }else{
 … print "Hello! Welcome ".$_COOKIE["userName"]; Code in a.php indicates create a cookie print "<br>"; variable in the client machine. print “<a href=“logout.php”>Logout</a>"; } 29 ?> </body> </html> Cookies stored in the client machine GET /~c0322/login.php HTTP/1.1 Host : i.cs.hku.hk Cookie: userName=Harry .... HTTP/1.1 200 OK …. <!DOCTYPE html> … Hello! Welcome Harry<br> <a href=“logout.php”>Logout</a> Step 1. The server sends the cookie to the client. Client-server interaction (retrieving logout.php) Step 1. The server sends the cookie to the client. Value Key 4. Client (browser) stores and maintain the cookie variable. 2. The web page contains server side processing co which indicates setting of cookie variable. variable 3. The cookie’s variable and value is generated and 15. HTTP response sent to client send to the client. 1. Client requests for a web page (say, a.php). logout.php Kit … setcookie("loginName", " … Cookies stored in the client machine loginName Code in a.php indicates create a c variable in the client machin Value loginName Kit 16. Client browser display of logout.php … … … 2. The web page contains server14. Server runs logout.php side processing code, which indicates setting of a cookie variable. variable <? 4. Client (browser) stores and maintain the cookie variable. Key … 3. The cookie’s variable and value is generated and send to the client. 13. 1. Client requests for a logout.php web page (say, a.php). Cookies stored in the client machine GET /~c0322/logout.php HTTP/1.1 Host : i.cs.hku.hk Cookie: userName=Harry .... setcookie("userName", "", *me()-3600); … print "<p>You have logged out.</p>"; setcookie("loginName", "Kit",…) print "<a href='login.php'>Back to login … page</a>"; ?> Code in a.php indicates create a cookie variable in the client machine. HTTP/1.1 200 OK …. Set-Cookie: userName=; Expires=Fri, 4 Jan 2019 10:45:15 GMT …. Step 1. The server sends the cookie to the client. <p>You have logged out.</p> <a href='login.php'>Back to login page</a> 29 Sessions Sessions Sessions Sessions Sessions Sessions Sessions Sessions Sessions Session variables are just like server side cookie How session works Session variables are just like server side cookie Session variables are just like server side cookie Session variables areare justmaintained likeserver serverside side cookie variable. The variables oncookie the server Session variables are just like Session variables are just like server side cookie variable. The variables are maintained on the server variable. The variables are maintained on the server variable. The variables are maintained on the server Session variables are just like server side cookie side. Session variables areare just like server side cookie variable. The variables maintained on the server 1. A visits a on session 1 Client Cli The ivariables i processLogin.php L are i maintained h and d login, l i login.php, i a session variable. the server through is started for side. side. side. variable. TheAvariables the server variable. The are are maintained the 1. visits session 1 Client Clivariables i i processLogin.php L i maintained h and d login, l ionaon i server side. “balance” isprocessLogin.php registered client the the client, and variable 1. A visits login, 1 Client Cli ivisits L Li i for h hand dand l dAlogin, iserver. 1. Client Aivisits a session 1Client Cli i iprocessLogin.php lii on iaa session i side. 1. A processLogin.php and login, session 1 Cli i i L i h d l i is registered registered on the server. 1. Client A visits processLogin.php and athe session 1 “balance” Cli “balance” i iis L for i for hclient dAlogin, lAon i on i variable “balance” client the server. variable is registered for client A server. side. variable variable “balance” isprocessLogin.php registered for hclient Alogin, oni the server. 1. Client A visits and a session 1 Cli i i L i d l i variable “balance” is registered for client A on the 1. A visits 1 Client Cli i i processLogin.php L i h and d login, l i a session i server. K V l Value “balance” is registered for client A Key on server. variablevariable “balance” is registered for client A on thethe server. client A KKey VValue K Key Key V lValue Value K V ll client A K Key V Value l client A balance 1000 clientAA K Key V l Value client client A balance 1000 balance 1000 balance 1000 K Key V Value lA balance 1000 Session variables for client balance 1000 client A K Key V l A Value Session variables for client client A Session variables for client Session variables for client A balance 1000 Session variables for client A AA Session variables for client Key Value processLogin.php balance 1000 Key Value processLogin.php Key ValueA Key Value Session variables for client processLogin.php KeyKey Value processLogin.php processLogin.php Value processLogin.php balance 2000 Session variables for2000 client A balance server balance 2000 Key Value processLogin.php balance 2000 balance 2000 balance 2000 server server SessionKey variables forValue client B server server server processLogin.php Session variables for client client B B balance 2000 Session variables forclient client Session variables for for client BB BBB Session variables Session variables for client client client server client BB B client B client balance 2000 Session variables for client B 2. Client B visits processLogin.php and login, a session server client B 2.2.Client B Bvisits and login, aa session 2.Client Client Bvisits visits processLogin.php and login, aa session processLogin.php and login, session 2. Cli...
View Full Document

  • Fall '13
  • Dr. C. Wu
  • Computer Science, World Wide Web, Web browser, HTTP cookie, Client-server, Hypertext Transfer Protocol

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture