Page 222 - Open Soource Technologies 304.indd
P. 222
Web Technologies-I
Notes State is useful though, you cannot build a shopping-cart application, for example, if you cannot
keep track of a sequence of requests from a single user. You need to know when a user puts a
item in his cart, when he adds items, when he removes them, and what’s in the cart when he
decides to check out.
To get around the Web’s lack of state, programmers have come up with many tricks to keep
track of state information between requests (also known as session tracking). One such technique
is to use hidden form fields to pass around information. PHP treats hidden form fields just like
normal form fields, so the values are available in the $_GETand $_POST arrays. Using hidden
form fields, you can pass around the entire contents of a shopping cart. However, a more common
technique is to assign each user a unique identifier and pass the ID around using a single hidden
form field. While hidden form fields work in all browsers, they work only for a sequence of
dynamically generated forms, so they are not as generally useful as some other techniques.
Another technique is URL rewriting, where every local URL on which the user might click is
dynamically modified to include extra information. This extra information is often specified as
a parameter in the URL. For example, if you assign every user a unique ID, you might include
that ID in all URLs, as follows:
http://www.example.com/catalog.php?userid=123
If you make sure to dynamically modify all local links to include a user ID, you can now keep
track of individual users in your application. URL rewriting works for all dynamically generated
documents, not just forms, but actually performing the rewriting can be tedious.
A third technique for maintaining state is to use cookies. A cookie is a bit of information that the
server can give to a client. On every subsequent request the client will give that information
back to the server, thus identifying it. Cookies are useful for retaining information through
repeated visits by a browser, but they are not without their own problems. The main problem
is that some browsers do not support cookies, and even with browsers that do, the user can
disable cookies. So any application that uses cookies for state maintenance needs to use another
technique as a fallback mechanism.
The best way to maintain state with PHP is to use the built-in session-tracking system. This system
lets you create persistent variables that are accessible from different pages of your application, as
well as in different visits to the site by the same user. Behind the scenes, PHP’s session-tracking
mechanism uses cookies (or URLs) to elegantly solve most problems that require state, taking
care of all the details for you.
9.6.1 Cookies
A cookie is basically a string that contains several fields. A server can send one or more cookies
to a browser in the headers of a response. Some of the cookie’s fields indicate the pages for
which the browser should send the cookie as part of the request. The value field of the cookie
is the payload servers can store any data they like there (within limits), such as a unique code
identifying the user, preferences, etc.
Use the setcookie( ) function to send a cookie to the browser:
setcookie(name [, value [, expire [, path [, domain [, secure ]]]]]);
This function creates the cookie string from the given arguments and creates a Cookie header
with that string as its value. Because cookies are sent as headers in the response, setcookie( )
must be called before any of the body of the document is sent. The parameters of setcookie( ) are:
216 LOVELY PROFESSIONAL UNIVERSITY
