Chapter 10 Maintaining State Information Using Cookies

1
Chapter 10Maintaining State
InformationUsing Cookies
2
Understanding State Information

• State information
• Information about individual visits to a Web site
• Stateless
• Original design of HTTP
• Every request for a Web page is a unique user
  session
• Maintaining state
• Storing persistent information about Web site
  visits
• May use hidden form fields, query strings,
  cookies or sessions

3
Maintaining State Information

• Customize individual Web pages based on user
  preferences
• Temporarily store information for a user as a
  browser navigates within a multipart form
• Keep track of how many times a user has visited a
  Web site
• Provide shopping carts that store order
  information
• Store user IDs and passwords

4
Understanding State Information
Figure 10-1 Skyward Aviation Frequent Flyer Web
site page flow
5
Using Cookies to Save State

• Small pieces of information that can be exchanged
  between a client and a server
• Used to store state information beyond the
  current Web page session
• Created by Netscape

6
Using Cookies to Save State

• Temporary cookies
• Available only for the current browser session
• Persistent cookies
• Available beyond the current browser session
• Stored in a text file on a client computer
• Limitations
• A server or domain can not store more than 20
  cookies on a users computer
• Total cookies per browser cannot exceed 300
• The largest cookie size is 4 kilobytes

7
Creating Cookies

• setcookie() function
• setcookie(name ,value ,expires, path, domain,
  secure)
• Call setcookie() before sending the Web browser
  any output, including echo or print statements
• Users may reject cookies
• A value of true is returned even if a user
  rejects the cookie
• Only name is required
• use an empty string to omit value, path and
  domain
• specify 0 to omit expires and secure arguments

8
name and value

• Cookies created with only the name and value
  arguments are temporary cookies
• Available for only the current browser session
• setcookie(name, Mickey Mouse)
• ?
• Strict//EN
• http//www.w3.org/TR/xhtml1/DTD/xhtml1-strict
  .dtd
• My Web Site
• ...

9
Creating Multiple Cookies

• The setcookie() function can be called multiple
  times to create additional cookies
• setcookie("first", Mickey")
• setcookie("last", Mouse")
• setcookie("occupation", actor")

10
The expires Argument

• Determines how long a cookie can remain on a
  client system before it is deleted
• If omitted, cookies are available for only the
  current browser session
• To specify a cookies expiration time, use PHPs
  time() function
• setcookie(name, Mickey, time()3600)
• setcookie(name, Mickey, time()606024
  7)

expires in one hour
expires in one week
11
The path Argument

• The path argument determines the availability of
  a cookie to other Web pages on a server
• Allows cookies to be shared across a server
• A cookie is available to all Web pages in a
  specified path as well as all subdirectories in
  the specified path
• setcookie(name, Mickey, time()3600,
  /marketing/)
• setcookie(name, Mickey, time()3600, /)

12
The domain Argument

• The domain argument is used for sharing cookies
  across multiple servers in the same domain
• Cookies cannot be shared outside of a domain
• setcookie(name, Mickey, time()3600, /,
  .disney.com)

13
The secure Argument

• Allows a cookie only to be transmitted across a
  secure Internet connection
• May use HTTPS or another security protocol
• Assign a value of 1 (for true) or 0 (for false)
• setcookie(name, Mickey, time()3600, ,
  , 1)

14
Reading Cookies

• Cookies that are available to the current Web
  page are automatically assigned to the _COOKIE
  autoglobal
• Use the cookie name as a key in the associative
  _COOKIE array
• echo _COOKIE'firstName'
• Newly created cookies are not available until
  after the current Web page is reloaded
• Part of HTTP header information
• Sent from client to server when request is made

15
Reading Cookies

• To ensure that a cookie is set before you attempt
  to use it, use the isset() function
• setcookie("first", Mickey")
• setcookie("last", Mouse")
• setcookie("occupation", actor")
• if (isset(_COOKIE'first')
• isset(_COOKIE'last')
• isset(_COOKIE'occupation'))
• echo "_COOKIE'firstName'
  _COOKIE'lastName'
• is a _COOKIE'occupation'."

16
Deleting Cookies

• To delete a cookie, call setcookie() with no
  value argument
• setcookie(name)

17
getFruit.htm
Fruit
method"post" Enter your favorite
fruitnbsp
/ /body
showFruit.php
"Your favorite fruit is " . _COOKIE"fruit"
else echo "I dunno your favorite
fruit." ?
storeFruit.php
//make persistent cookie for one day
setcookie("fruit",_POST"fruit",
mktime()606024) //redirect
header("Location showFruit.php") ?
18
Example

• You set up a site and include a login, but dont
  want to force the customer to log in every time
  they visit.
• A cookie can be used to store customer login
  information and automatically log them in when
  they revisit the site.