web technology solutions

28
Date : 2/18/2014 Web Technology Solutions Class: State Management with PHP

Upload: hiero

Post on 07-Jan-2016

20 views

Category:

Documents


0 download

DESCRIPTION

Web Technology Solutions. Class: State Management with PHP. Date : 2/18/2014. Tonight. HTTP State OverviewCookies in PHPSessions in PHPiHear DB and App ReviewLab. Lab Preview. Install “State” in your authentication sub system. Install State via Sessions. Final Project Working Session - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Web Technology Solutions

Date : 2/18/2014

Web Technology SolutionsClass: State Management with PHP

Page 2: Web Technology Solutions

Tonight

✤ HTTP State OverviewCookies in

PHPSessions in PHPiHear DB and App

ReviewLab

Page 3: Web Technology Solutions

Lab Preview

✤ Install “State” in your authentication sub system.

✤ Install State via Sessions.

✤ Final Project Working Session

✤ Create CRUD functionality for Survey

✤ Install State throughout App.

✤ Auth

✤ Registration

✤ Survey

Page 4: Web Technology Solutions

HTTP Review

✤ HTTP is a “Stateless” protocol

✤ Requests between client and server retain no memory of the previous request or future requests.

✤ OK? So what does that mean to me as an app dev?

Page 5: Web Technology Solutions

HTTP Review

Want to Share info from page to page? You can’t!

Unless you...

Page 6: Web Technology Solutions

HTTP Review

Maintain State via...

Sessions Cookies

Page 7: Web Technology Solutions

HTTP Review

Page 8: Web Technology Solutions

Cookies with PHP

✤ Cookies are small files stored on your (clients) machine.

✤ Consists of clear text in named\value pairs (non-secure)

✤ Send by and stored in your browser.

✤ Sent in the HTTP Header

Page 9: Web Technology Solutions

Cookies with PHP

✤ Cookies are good for

✤ site prefs / personalization

✤ remember non-secure data

✤ shopping cart values

✤ remember me login’s

✤ Anything that doesn’t “break” the functionality of your site.

Page 10: Web Technology Solutions

Cookies with PHP

✤ Cookies are bad for

✤ storing sensitive data

✤ storing required data for app

✤ storage of persistent data

Page 11: Web Technology Solutions

PHP - setCookie

✤ setcookie();

✤ uses the PHP superglobal $_COOKIE (array)

✤ set’s a first party cookie on the client (browser)

✤ safe to store basic data values (not sensitive data like passwords)

✤ Browsers limit size of total count of cookies.

Page 12: Web Technology Solutions

PHP - setCookie

✤ setcookie()

✤ used to create a cookie

✤ param1: name

✤ param2: value

✤ param3: time to live in milsec

✤ param4: folder

✤ param5: domain

✤ param6: secure

✤ setcookie("user", “bob”, time()+3600, "/home", ".site.com", 1);

Page 13: Web Technology Solutions

PHP - setCookie

✤ setcookie()

✤ also used to delete

✤ setcookie ("user", "", time() - 3600);

✤ note the negative seconds.

✤ setcookie("user", “bob”, time()-3600, "/home", ".site.com", 1);

Page 14: Web Technology Solutions

Cookie Example

Page 15: Web Technology Solutions

PHP Sessions

Sessions

Page 16: Web Technology Solutions

Sessions in PHP

✤ Sessions store data on the server (note config)

✤ Sessions also store a session ID cookie on the client

✤ Sessions need to be started on each page

✤ PHP offers an auto start option in the php.ini

Page 17: Web Technology Solutions

Sessions in PHP

✤ Sessions are good for:

✤ Secure data

✤ Quasi-Persistent Storage

✤ Full App functionality.

Page 18: Web Technology Solutions

Sessions in PHP

✤ Three methods for passing Session ID

✤ via Cookie (default)

✤ via DB storage (ok)

✤ via URL (bad)

Page 19: Web Technology Solutions

Sessions in PHP

✤ Sessions are bad for:

✤ Overall very good to use.

✤ Beware session hijacking.

Page 20: Web Technology Solutions

PHP Sessions

✤ To start:

✤ session_start();

✤ needs to be called on EACH page or session data will not be carried onto that page.

✤ $_SESSION[‘name’] = value;

✤ echo $_SESSION[‘name’];

Page 21: Web Technology Solutions

PHP Sessions

✤ To kill session value

✤ unset($_SESSION['name']);

✤ To kill off all session data

✤ $_SESSION = array();

✤ session_destroy();

✤ setcookie('PHPSESSID', '',time()-300, '/',0);

Page 22: Web Technology Solutions

Session Example

Page 23: Web Technology Solutions

PHP Output Control

✤ Output Control allows you to tell PHP when to submit information to the browser.

✤ Great:

✤ Working with header(), avoid errors

✤ Controlling Browser Output

✤ Cons:

✤ Buffer Limits (default bite size of 4096kb)

✤ Memory Limits

Page 24: Web Technology Solutions

Output Buffering

ob_start();

Turns on output buffering

data is held within internal “buffer” waiting to be published to the browser.

Call at start of script

Can have a callback function

Can nest buffers

Page 25: Web Technology Solutions

Output Buffering

ob_end_flush()

Sends the data in the buffer to the browser

Turns off output buffer.

Loop through ob_end_flush() to close all jobs

Page 26: Web Technology Solutions

Output Buffering

ob_end_clean()

//removes data from the buffer (doesn’t go to browser)

ob_flush()

//send data to the browser but buffer remains on

ob_get_contents()

//get the content of the buffer (no browser or erase)

Page 27: Web Technology Solutions

App Review

Page 28: Web Technology Solutions

Lab & Next Week

✤ Lab

✤ implement sessions in app

✤ working session for final

✤ Reading: Chapter 13

See you Tuesday!