
PHP-File-Inclusion-A-Deep-Dive PHP Scripts

The document discusses PHP file inclusion, detailing the use of 'include' and 'require' functions for code reusability and organization, along with methods to prevent vulnerabilities. It also covers managing sessions and cookies, highlighting their differences, implementation steps, and best practices for secure management. Key practices include sanitizing input, restricting access, and regular cleaning of expired data.

Uploaded by

prabink721
Copyright © All Rights Reserved

PHP File Inclusion & Managing Sessions and Cookies

Presented by
Prabin kandel

Understanding File Inclusion

What is it?
File inclusion allows you to bring code from other files into your main PHP script.

Why use it?
It promotes code reusability and improves the organization of complex projects.

File inclusion (Include & Require)

In PHP, include and require are used to include files into a script to reuse code.

• Include: If the file is not found, it issues a warning but the script continues running.
• Require: If the file is not found, it issues a fatal error and stops script execution.

Include vs Require

1 Include 2 Require
Preventing File Inclusion Vulnerabilities

Sanitize Input
Escape or validate user-supplied data before using it in file paths.

Whitelisting
Restrict file inclusion to a predefined list of allowed files.

Restrict Access
Limit access to sensitive files and folders.

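The input-validation and whitelisting advice above, shown as an added PHP example (not part of the original slides). The page keys, file names and the resolve_page() helper are hypothetical, and the demo builds its own temporary pages directory so it runs offline.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern (do not use): the request value flows straight into the path.
//   include "pages/" . $_GET["page"] . ".php";

// Allowlist: request key => file on disk. Keys and file names are hypothetical.
const ALLOWED_PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Map a user-supplied page key to a file inside $baseDir, or return null.
 * The user value is only ever used as an array key, never as part of a path.
 */
function resolve_page(string $requested, string $baseDir): ?string
{
    if (!array_key_exists($requested, ALLOWED_PAGES)) {
        return null;                       // anything not in the allowlist is refused
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . ALLOWED_PAGES[$requested]);
    // Defence in depth: the resolved file must exist and sit under the base directory
    // (catches a symlink or a bad allowlist entry pointing elsewhere).
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: build a throwaway pages directory containing only home.php.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_demo_' . getmypid();
mkdir($dir);
file_put_contents($dir . '/home.php', "<?php echo \"home page\\n\";");

foreach (['home', 'about', '../secret', 'unknown'] as $input) {
    $file = resolve_page($input, $dir);
    if ($file === null) {
        echo "rejected: " . var_export($input, true) . "\n";   // serve a 404 in a real app
    } else {
        require $file;   // require: a missing allowlisted file should stop the script
    }
}
unlink($dir . '/home.php');
rmdir($dir);
```

Only 'home' is included; 'about' is on the allowlist but missing on disk, so the realpath() check rejects it along with the two keys that are not listed.
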
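Sessions & cookies

Session
Sessions store data on the server side and are used for temporary state maintenance.
Example:

<?php
// Start (or resume) the session; must run before any output is sent.
session_start();

// Stored on the server; the browser only holds the session ID.
$_SESSION["username"] = "JohnDoe";

if (isset($_SESSION["username"])) {
    echo "Hello, " . $_SESSION["username"];
} else {
    echo "No user is logged in.";
}
?>

Cookies
Cookies store small pieces of data on the client side for long-term usage.
Example:

<?php
// Expires in 30 days, valid for the whole site ("/").
setcookie("user", "JohnDoe", time() + (30 * 24 * 60 * 60), "/");

// $_COOKIE is filled from the request, so the new cookie is visible on the next page load.
if (isset($_COOKIE["user"])) {
    // The cookie value comes from the client: escape it before output.
    echo "Welcome back, " . htmlspecialchars($_COOKIE["user"], ENT_QUOTES, "UTF-8");
} else {
    echo "Hello, new user!";
}
?>
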
Sessions Timelines

Managing Sessions in PHP

1 Session Start
Initiates a session and assigns a unique ID to the user.

2 Data Storage
Stores session data on the server, accessible across multiple pages.

3 Session End
Destroys the session and clears all associated data.

Implementing Cookies in PHP

1 Set Cookie
Create a cookie with a name, value, and expiration time.

2 Retrieve Cookie
Access the value of a cookie using its name.

3 Delete Cookie
Remove a cookie by setting its expiration time to the past.

Best Practices for Session and Cookie Management

1 Secure Settings
Use strong session and cookie security settings.

2 Limited Scope
Restrict cookie access to specific domains and paths.

3 Regular Cleaning
Remove expired sessions and cookies regularly.
