0% found this document useful (0 votes)
46 views21 pages

Lecture - 10 - Session

Sessions allow storing and retrieving user-specific information across multiple pages. PHP sessions work by assigning a unique ID to each user, and storing data in the server tied to that ID. To use sessions, session_start() must be called before sending any output. Data can then be stored in the $_SESSION superglobal array and accessed on subsequent pages during the same session. The isset() function checks if a session variable has already been set before accessing or updating its value. Sessions provide stateful functionality to an otherwise stateless protocol like HTTP.

Uploaded by

splokbov
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
46 views21 pages

Lecture - 10 - Session

Sessions allow storing and retrieving user-specific information across multiple pages. PHP sessions work by assigning a unique ID to each user, and storing data in the server tied to that ID. To use sessions, session_start() must be called before sending any output. Data can then be stored in the $_SESSION superglobal array and accessed on subsequent pages during the same session. The isset() function checks if a session variable has already been set before accessing or updating its value. Sessions provide stateful functionality to an otherwise stateless protocol like HTTP.

Uploaded by

splokbov
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

Sessions & Redirection

Agenda
• Redirection
• Session
PHP Redirection – Option 1

• Redirecting to a different page


Header(Location:success.php)

success.php
Success
Login :

Password :
processLogin.php
Login
Error
Invalid Login and Password !
Error.php

Header(Location:error.php)
PHP Redirection – Option 2
(using parameters)

• Redirecting to the same page using parameters


Header(Location:welcome.php)

welcome.php
Success
Login : Success

Password :
processLogin.php
Login
Error
Invalid Login and Password !
Header(Location:login.php?login=no)
PHP Redirection – Option 2
(processLogin.php explained)
<?php //processLogin.php

$user = $_POST["txt_user"]; // getting Form Input values from login.php


$pwd = $_POST["txt_pwd"];

if (($user == "admin")&&($pwd=="admin")) // checking login and password


{
session_start(); // starting a session
$_SESSION['user'] = $user;
header('Location:welcome.php'); // redirection to welcome.php

}
else {

header('Location:login.php?login=no'); // redirection with parameter


}

?>
PHP Redirection – Option 2
(login.php explained)

…. HTML codes to display


<?php
if (isset($_GET["login"])){
if ($_GET["login"]=="no"){
echo "<br>Invalid Login and Password ! <br>";
}
Login :
}
Password :
?>
Login
…. HTML codes to display Invalid Login and Password !
Introduction to sessions
• A normal HTML website does not pass data
from one page to another.
• All information is forgotten when a new page
is loaded.
• Quite a problem for shopping websites. E.g.
shopping cart requiring data to be
remembered from one page to the next ( user
selected product.
Why use session
• A session solves this problem by allowing the
storage of user information on the server (i.e.
username, shopping cart items, etc)
• However, this session information is
temporary and is usually deleted after the
user has left the website that uses sessions
• If more permanent storage is required, then a
database can be used
PHP Sessions
• Sessions work by creating a unique
identification(UID) number for each visitor
and storing variables based on this ID
• This helps to prevent two users' data from
getting confused with one another when
visiting the same webpage
PHP Session
• A PHP session variable is used to store
information about, or change settings for a
user session
• Session variables hold information about one
single user, and are available to all pages in
one application
Starting a PHP Session
• Before storing user information, you must first
start the session
• It must be at the very beginning of your code,
before any HTML or text is sent

<?php
session_start(); // start a php
session
?>
Storing a session variable
• To store user data in a session use the $_SESSION
associative array.
• You can both store and retrieve session data.

<?php
session_start(); // start a $_SESSION
[‘views’] =1; /store session data
Echo “Pageviews =“ . $_SESSION
[‘views’]
?>
ISSET funtion
• Before using a session variable it is necessary
that you check to see if it exists already !
• isset is a function that takes any variable you
want to use and checks to see if it has been
set
Example 1
• Consider the example in session1.php, a
pageview counter can be created by using
isset to check if the pageview variable has
already been created
• If it has, the counter is incremented. If it does
not exist a pageview counter can be created
and set to one.
Storing and Retrieving Data –
session1.php
<?php
session_start();
if(isset($_SESSION['views']))
$_SESSION['views'] = $_SESSION['views']+ 1;
else
$_SESSION['views'] = 1;
echo "views = ". $_SESSION['views'];
?>
Example 2
• In the following example, a user has to visit
the first page and is then provided access to
the second page
• If user tries to access the second page directly,
he will be redirected to the first page
• Note the use of isset to check whether the
session id has been created – if it has not been
created, user is redirected to first page
Example 2- firstpage.php
<?php
session_start();
$_SESSION['ID']=1234;
?>
<html>
<body>
Check Page – If the user is visiting this page first, then
he will be assigned an ID
<br><a href="secondpage.php">Second Page</a>
</body>
</html>
Example 2- secondpage.php
<?php
session_start();
if(!isset($_SESSION['ID']))
{
header("Location:http://localhost/firstpage.php");
exit();
}
?>
<html>
<body>The user can only view this page if he has gone through the
first page, otherwise he will be redirected to the first page.
</body>
</html>
Cleaning and destroying session
<?php
session_start();
if(isset($_SESSION['cart']))
unset($_SESSION['cart']);
?>

Or to completely destroy the session use session_destroy


<?php
session_start();
session_destroy();
?>
Reading Materials – PHP Filter
What is a PHP Filter?
• A PHP filter is used to validate and filter data coming from insecure
sources.
• To test, validate and filter user input or custom data is an important
part of any web application.
• The PHP filter extension is designed to make data filtering easier
and quicker.
Functions and Filters
• To filter a variable, use one of the following filter functions:
– filter_var() - Filters a single variable with a specified filter
– filter_var_array() - Filter several variables with the same or
different filters
– filter_input - Get one input variable and filter it
– filter_input_array - Get several input variables and filter them
with the same or different filters
Reference: http://www.w3schools.com/php/php_filter.asp
Ref
• http://www.tizag.com/phpT/phpsessions.php
• Previous web tech lecture slides

You might also like