Developing State-enabled Applications With PHP

Installment 1

Developing State-enabled Applications With PHP

When a user is browsing through a website and is surfing from one web page to another, sometimes the website needs to remember the actions (e.g. choices) performed by the user. For example, in a website that sells DVDs, the user typically browses through a list of DVDs and selects individual DVDs for check out at the end of the shopping session. The website needs to remember which DVDs the user has selected because the selected items needs to be presented again to the user when the user checks out. In other words, the website needs to remember the State - i.e. the selected items - of the user's browsing activities.

However, HTTP is a Stateless protocol and is ill-equipped to handle States. A standard HTML website basically provides information to the user and a series of links that simply directs the user to other related web pages. This Stateless nature of HTTP allows the website to be replicated across many servers for load balancing purposes. A major drawback is that while browsing from one page to another, the website does not remember the State of the browsing session. This make interactivity almost impossible.

In order to increase interactivity, the developer can use the session handling features of PHP to augment the features of HTTP in order to remember the State of the browsing session. The are basically 2 ways PHP does this:

1. Using cookies
2. Using Sessions

The next installment discusses how to manage sessions using cookies...

Installment 2

Cookies

Cookies are used to store State-information in the browser. Browsers are allowed to keep up to 20 cookies for each domain and the values stored in the cookie cannot exceed 4 KB. If more than 20 cookies are created by the website, only the latest 20 are stored. Cookies are only suitable in instances that do not require complex session communications and are not favoured by some developers because of privacy issues. Furthermore, some users disable support for cookies at their browsers.

The following is a typical server-browser sequence of events that occur when a cookie is used:

1. The server knows that it needs to remember the State of browsing session

2. The server creates a cookie and uses the Set-Cookie header field in the HTTP response to pass the cookie to the browser

3. The browser reads the cookie field in the HTTP response and stores the cookie

4. This cookie information is passed along future browser-server communications and can be used in the PHP scripts as a variable

PHP provides a function called setcookie() to allow easy creation of cookies. The syntax for setcookie is: int setcookie(string name, [string val], [int expiration_date], [string path], string domain, [int secure])

The parameters are:

1. name - this is a mandatory parameter and is used subsequently to identify the cookie

2. value - the value of the cookie - e.g. if the cookie is used to store the name of the user, the value parameter will store the actual name - e.g. John

3. expiration_date - the lifetime of the cookie. After this date, the cookie expires and is unusable

4. path - the path refers to the URL from which the cookie is valid and allowed

5. domain - the domain the created the cookie and is allowed to read the contents of the cookie

6. secure - specifies if the cookie can be sent only through a secure connection - e.g. SSL enable sessions

The following is an example that displays to the user how many times a specific web page has been displayed to the user. Copy the code below (both the php and the html) into a file with the .php extension and test it out.

[?php //check if the $count variable has been associated with the count cookie if (!isset($count)) {

$count = 0; } else {

$count++; } setcookie("count", $count, time()+600, "/", "", 0); ?]

[html]

[head]

[title]Session Handling Using Cookies[/title]

[/head]

[body]

This page has been displayed: [?=$count ?] times.

[/body] [/html]

The next installment discusses how to manage sessions using PHP session handling functions with cookies enabled...

Installment 3

PHP Session Handling - Cookies Enabled

Instead of storing session information at the browser through the use of cookies, the information can instead be stored at the server in session files. One session file is created and maintained for each user session. For example, if there are three concurrent users browsing the website, three session files will be created and maintained - one for each user. The session files are deleted if the session is explicitly closed by the PHP script or by a daemon garbage collection process provided by PHP. Good programming practice would call for sessions to be closed explicitly in the script.

The following is a typical server-browser sequence of events that occur when a PHP session handling is used:

1. The server knows that it needs to remember the State of browsing session

2. PHP generates a sssion ID and creates a session file to store future information as required by subsequent pages

3. A cookie is generated wih the session ID at the browser

4. This cookie that stores the session ID is transparently and automatically sent to the server for all subsequent requests to the server

The following PHP session-handling example accomplishes the same outcome as the previous cookie example. Copy the code below (both the php and the html) into a file with the .php extension and test it out.

[?php //starts a session session_start();

//informs PHP that count information needs to be remembered in the session file if (!session_is_registered("count")) {

session_register("count");

$count = 0; } else {

$count++; }

$session_id = session_id(); ?]

[html]

[head]

[title]PHP Session Handling - Cookie-Enabled[/title]

[/head]

[body]

The current session id is: [?=$session_id ?]

This page has been displayed: [?=$count ?] times.

[/body] [/html]

A summary of the functions that PHP provides for session handling are:

1. boolean start_session() - initializes a session

2. string session_id([string id]) - either returns the current session id or specify the session id to be used when the session is created

3. boolean session_register(mixed name [, mixed ...]) - registers variables to be stored in the session file. Each parameter passed in the function is a separate variable

4. boolean session_is_registered(string variable_name) - checks if a variable has been previously registered to be stored in the session file

5. session_unregister(string varriable_name) - unregisters a variable from the session file. Unregistered variables are no longer valid for reference in the session.

6. session_unset() - unsets all session variables. It is important to note that all the variables remain registered.

7. boolean session_destroy() - destroys the session. This is opposite of the start_session function.

The next installment discusses how to manage sessions using PHP session handling functions when cookies are disabled...

Installment 4

PHP Session Handling - Without Cookies

If cookies are disabled at the browser, the above example cannot work. This is because although the session file that stores all the variables is kept at the server, a cookie is still needed at the browser to store the session ID that is used to identify the session and its associated session file. The most common way around this would be to explicitly pass the session ID back to the server from the browser as a query parameter in the URL.

For example, the PHP script generates requests subsequent to the start_session call in the following format: http://www.yourhost.com/yourphpfile.php?PHPSESSID=[actual session ID]

The following are excerpts that illustrate the discussion:

Manually building the URL:
$url = "http://www.yoursite.com/yourphppage.php?PHPSESSID=" . session_id(); [a href="[?=$url ?]"]Anchor Text[/a]

Building the URL using SID:
[a href="http://www.yoursite.com/yourphppage.php?[?=SID ?]"]Anchor Text[/a]

Used with the author's permission.

This article is written by John L.
John L is the Webmaster of designer banners (designer banners).

one time home cleaning Highland Park ..
In The News:

Privacy risks are hiding in plain sight, as your personal data is likely being collected, tracked, and sold without your knowledge.
VenHub, a fully autonomous, AI-powered smart store just opened at the LAX/Metro Transit Center in Los Angeles.
A woman's Facebook account takeover reveals dangerous social engineering tactics and provides lessons on recovery, avoiding scams and enacting stronger security measures.
Shanghai engineers are using 432 walking robots to relocate a complex, preserving Shikumen architecture while creating space for a modern underground hub and cultural center.
Major healthcare data analytics firm Episource had a cybersecurity incident exposing 5 million patients' medical records and personal information in recent breach.
A new sophisticated PayPal scam sends legitimate-looking emails from official PayPal addresses, using phone numbers instead of links to convince victims to download remote access tools.
Fox News' AI Newsletter brings you the latest on this rapidly evolving technology.
The innovative Kara Pod device extracts moisture from air to create mineral-rich water and brew coffee, featuring UV sterilization and compatibility with Nespresso pods.
Gov. Hochul unveiled New York's nuclear power plant project to power a million homes, which faces permit challenges while promising jobs and a cleaner energy future.
SAFE introduces Aerie, an underground luxury bunker combining high-end living with advanced security, wellness amenities and interactive walls simulating panoramic views.
A Facebook scammer posing as Elon Musk tricked a victim with promises of a Tesla and $250,000, requesting gift cards that become untraceable once the codes are shared.
Experience hands-free golfing with the Robera Neo smart caddie that uses AI to follow you, navigate obstacles and carry your clubs with GPS course mapping.
Cybersecurity alert: 16 billion passwords exposed in massive credential database affecting major platforms. Protect your accounts with password managers
The innovative BeBot robot uses electric power to remove pollution from shorelines, covering 20-30 times more area than manual collection while preserving wildlife.
A new ClickFix campaign targets macOS users with fake Spectrum support sites, tricking victims with CAPTCHA failures to paste commands that install information-stealing malware.
AI-powered autonomous trucks from Plus Automation are being tested across the U.S., Europe and Asia to solve logistics challenges while facing regulatory hurdles and labor concerns.
Your health information might feel private and secure with your doctor, but the reality is far more complicated. Data brokers collect a wide range of sensitive health data, from diagnoses and prescription details to personal identifiers, and sell this data to marketers, insurers, and other third parties.
Kepler Robotics has officially introduced its Forerunner K2 "Bumblebee" humanoid robot at the SAIC-GM automotive plant in Shanghai, marking a significant moment in the real-world deployment of advanced robotics.
Scammers never seem to be running out of new ways to try and get their hands on your money – and lately, they've been getting sophisticated.
Thirty people were injured and killed, though the exact number remains currently unknown, when a suicide bomber blew himself up in a Damascus church.
Unexpected password reset alerts signal potential hacking attempts or phishing scams. Learn how to respond and establish stronger security measures for your accounts.
A historic electric airplane flight landed at JFK with passengers, marking a milestone as Beta Technologies demonstrates the practicality and efficiency of electric air travel.
The Chaos ransomware group breached Optima Tax Relief in a double-extortion attack, stealing sensitive customer case files and corporate documents with personal information.
Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future.
The first human brain-computer interface by Paradromics was completed in 20 minutes, featuring microelectrodes to help paralyzed individuals control computers with thoughts.

Building eCommerce Websites that Work - Part 2

Succeeding with an eCommerce website is a dream for many... Read More

Nonsense! Why Do I Need a Website?

"I don't sell anything online, I don't advertise online, in... Read More

What is The Google Toolbar?

No matter what browser you may want to use, you... Read More

Beyond Web Usability: Web Credibility

If you've been developing websites on Mars for the past... Read More

2 Key Ways to Make Your Site a Success

If one more business owner tells me their website sucks... Read More

5 Tips To Supercharge Your Website Sales Copy

The art of turning website visitors into paying customers depends... Read More

Web Site Promotion: How To Advertise Your Website For Profits

Making money with your web site is the dream and... Read More

Do You And Your Website Have Credibility?

I recently received an unsolicited e-mail from some company offering... Read More

Why Should Your Business Go O.N.L.I.N.E.

Optimize your time. How much time each day must you... Read More

Why to Have a Website for Your Company

After having decided to start a business, the next thing... Read More

Website Conversion Rate: More Keywords Equals More Sales

Your website conversion rate should concern you. This simply refers... Read More

Build a Strong Foundation for Creating Your First Online Identity ? Notes for Beginners

If you are looking for creating your online presence you... Read More

Maximizing ROI via Web Site Traffic Analysis

We are clearly well past the innocent "golden age" of... Read More

Top 7 Tips for Building an Antique Car Website

Like wine cars get more attractive to collectors as years... Read More

Profitable Websites for Exclusive Industries

In the region where my company is located, South Bend,... Read More

Guide to Internet Business - Design and Content

After deciding what kind of internet business you want to... Read More

Streamline your Business Website with a Content Management System

I talk with so many people who have small businesses... Read More

Autoresponders Make You Look Like A Pro

People like to get immediate responses to requests. Autoresponders are... Read More

How to Promote Your Law Firm Website On the Internet for Maximum Profit

Making maximum profit from your law firm website is important,... Read More

How to Make Your Own Website For Free

If you like the Internet and surfing through the billions... Read More

Web Designer? You Dont Need No Stinkin Web Designer!

RIVERSIDE, CA August 4, 2004 ?- "Historically, small business owners... Read More

Ever Wondered What Challenges Other People With Their Web Site?

Have you ever wondered what challenges are faced by other... Read More

Web accessibility for screen magnifier users

The needs of screen magnifier users are overlooked when implementing... Read More

Ten Quick Tests To Check Your Website For Accessibility

The Disability Discrimination Act says that websites must be made... Read More

Top 10 Webmaster Challenges

Webmasters deal with a myriad of complex design challenges every... Read More

licensed cleaning services Park Ridge ..