Page 172 - Open Soource Technologies 304.indd
P. 172

Unit 10: Cookies



            header(‘Location: http://kossu/examples/login.php’);                                  Notes

            ?>
            The time() - 86400 is exactly one day ago, which is sufficiently in the past for our browser to
            forget the cookie data. As previously mentioned, putting authentication data into cookies (as
            we did in the previous examples) is not secure because cookies are so easily faked. PHP has, of
            course, a better solution: sessions.

            10.2 Setting Cookies


            To create and modify a cookie, use the PHP functionsetcookie(). setcookie() takes up to six
            arguments, depending upon how much control you want over the cookie and who can read
            its value.
            The simplest way of setting a cookie is:

            setcookie(‘name’, ‘bret’);

            Then, for every further page on your site viewed by this browser (without the user quitting)
            you’ll have the value of ‘bret’ stored in the variable $name for easy access in PHP. This type of
            cookie is known as a session cookie, since it lasts for the length of a user’s session.
            If you want the cookie to persist after the person exits his or her browser, you must passsetcookie()
            through a third parameter, the date you want the cookie to expire. Since PHP’s background
            springs fully formed from the head of UNIX, you represent this time as the number of seconds
            since January 1, 1970. If you’re a UNIX programmer, this makes complete sense. But, if you’re
            from a Windows or a Macintosh background, you’re just shaking your head wondering if you’ll
            ever understand those wacky UNIX folk.
            The main difference between a cookie and a session is that a cookie is stored on your computer,
            and a session is not. Although cookies have been around for many years and most people do
            have them enabled, there are some who do not. Cookies can also be removed by the user at any
            time, so don’t use them to store anything too important.

            A cookie is set with the following code: setcookie(name, value, expiration)

            10.3  Deleting Cookies with PHP

            PHP, or Hypertext Preprocessor, is an open-source scripting language primarily used for web
            programming. PHP code can be embedded into normal HTML code. A cookie is a web file that
            is used by a server to identify a user of that server. PHP is able to create cookies, retrieve cookie
            values and delete cookies.
            Deleting a cookie is almost the same as setting one. To delete it, you use the same parameters
            that you used when you set the cookie, except for the value, which needs to be an empty string,
            and the expiry date, which needs to be set in the past. On our logout page, we delete the cookie
            this way:

            <?php

                   setcookie(‘uid’, ‘’, time() - 86400, ‘/’);
                   header(‘Location: http://kossu/examples/login.php’);

            ?>


                                             LOVELY PROFESSIONAL UNIVERSITY                                   167
   167   168   169   170   171   172   173   174   175   176   177