Cookies in php lecture 2

© Copyright 2012 Hidaya Trust (Pakistan) ● A Non-Profit Organization ● www.hidayatrust.org / www,histpk.org

Hidaya Institute of Science &

Technologywww.histpk.org

A Division of Hidaya Trust, Pakistan


COOKIES


Lecture# 2


Persistent Cookies

• “A persistent cookie is one stored as a file on your computer, and it remains there when you close Browser. The cookie can be read by the Web site that created it when you visit that site again.”


bool setcookie ( string name [, string value [, int expire]])

• name: This argument sets the name of the cookie.for example setcookie(‘mycookie’, …) will set mycookie and is called $_COOKIE['mycookie'] at server side.

• value: This will set the value of the cookie. Since this values is stored on the client browser extra care must be taken that it does not store some secure information e.g passwords. The value is accessed by $_COOKIE['mycookie'] at the web server.

• expire: Sets the expire time of cookie. It is Unix timestamp so generally it is used with time() function. For example time()+60*30. This will set the cookie to expire in 30 minutes. If not set the cookie is not persistent and will expire when the browser closes.

setcookie() Syntax:


bool setrawcookie ( string name [, string value [, int expire]])

• But setrawcookie() do not encode the value given in the cookie. When ',; \t\r\n\013\014‘ are given in value, it will not be viewed.

• To prevent cookie from this problem, we need to encode the value.– use rawurlencode(cookie_value) or urlencode(cookie_value) to

encode it.

Another way to Set Cookie


• setcookie– Introduced in (PHP 4, PHP 5)– Send a cookie– setcookie() defines a cookie to be sent along with the rest of the HTTP headers.

Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including<html> and <head> tags as well as any whitespace.

– Automatically encodes by replacing “ “ with “+”.

• setrawcookie– Introduced in (PHP 5)– Send a cookie without urlencoding the cookie value– setrawcookie() is exactly the same as setcookie() except that the cookie value

will not be automatically urlencoded when sent to the browser.– Don’t encodes the data automatically.

• $_COOKIE became available in PHP 4.1.0

Difference B/W Both Ways


• In PHP, cookies are set with the setcookie() / setrawcookie() function, which accepts six arguments:

• the cookie name, its value, its expiry date (in UNIX timestamp format),

• its path and domain, and a Boolean flag indicating its security status.

• Only the first argument is required, all the rest are optional.• To better understand this, consider the following example script:<?phpsetcookie('username', 'admin', time()+86400);

or setrawcookie('username', urlencode('admin‘), time()+86400);?>• The setcookie() / setrawcookie() function returns true if successful. By checking

for this.

• You can set multiple cookies, simply by calling setcookie() / setrawcookie() once for each cookie.

Setting Persistent Cookies


• To delete a cookie, simply use setcookie() / setrawcookie() with its name to set the cookie’s expiry date to a value in the past.

<?php

setcookie('username', 'admin', time()- 86400);

orsetrawcookie('username', rawurlencode('admin‘), time()- 86400);

?>

Deleting Cookies


• convert_uuencode– string convert_uuencode ( string $data )

• convert_uudecode– string convert_uudecode ( string $data )

Other Techniques for encoding


• Entend Assignment# 2, on login panel it should have a checkbox, click it to open a combobox having values. Select value(i.e. time). Set time to cookies / Set persistant cookies. User should be logged in until cookies are alive even browser is closed. But if user logged out, He/She needs to login again.

Assignments

Education

Cookies in php lecture 2