Working with Cookies
Session 16
Review - I
Database APIs allows the developers
to write applications that are
easily accessible between the
database products
PHP supports MySQL database for
accessing data from the database
server
MySQL does not have its own APIs
mysql_connect() function connects
with the MySQL server
PHP / Session 16 / Slide 2 of 24
Review - II
Functions used with the database
are:
mysql_list_dbs()
mysql_select_db()
mysql_list_tables()
mysql_num_rows()
Data access functions of MySQL are:
mysql_query()
mysql_fetch_array()
mysql_fetch_row(),
mysql_fetch_field()
PHP / Session 16 / Slide 3 of 24
Objectives
Set a cookie
Retrieve PHP cookie
Delete a cookie
Cookie security issues
PHP / Session 16 / Slide 4 of 24
What are Cookies?
Websites use cookies to store
user-specific information
Cookies are stored on the hard
disk of the Web browser
User information and preferences
are send between Web browser and
Web server
PHP / Session 16 / Slide 5 of 24
Static Web Pages
When a Web browser requests for a static
Web page, the server responds by sending
the Web page the browser requested for
No user interaction
PHP / Session 16 / Slide 6 of 24
Dynamic Web Pages
Require user interaction
Take in information from the user
and record it for further processing
PHP / Session 16 / Slide 7 of 24
Types of Cookies
Persistent - Remains stored in
the Web browser for a period
specified during the time of it’s
creation
Non-persistent - Deleted from the
Web browser as soon as the user
closes the browser
PHP / Session 16 / Slide 8 of 24
Common Uses of Cookies
Enable websites determine:
Number of times the user has visited the website
Number of new visitors
Number of regular users
Frequency of a visitor visiting the website
Store the date that a user last visited the website
Maintain a customized Web page settings for a user
PHP / Session 16 / Slide 9 of 24
Working with Cookies
Web servers and Web browsers send
each other cookies in HTTP
headers
Web server sends the cookie in a
Set-Cookie header field
Set-Cookie is a part of HTTP
response
PHP / Session 16 / Slide 10 of 24
Setting a Cookie
Refers to sending the cookie to the
browser
PHP uses two functions to set a
cookie, such as:
setcookie(): Sends cookie with urlencoding
setrawcookie(): Sends cookie without
urlencoding
PHP / Session 16 / Slide 11 of 24
setcookie() Function
Generates a correct header field
that is sent along with the rest of
the header information
Syntax:
setcookie(name, value, expire, path,
domain, secure)
PHP / Session 16 / Slide 12 of 24
Example of setcookie() Function
setcookie("mycookie", $mapname,
time()+86400, "/webmap/",
".webworldmaps.com");
Where,
mycookie - Name of the cookies
time()+3600 - Time when the cookie will expire
/webmap – Path where the cookie will be stored
.webworldmaps.com – Domain that the cookie will use
PHP / Session 16 / Slide 13 of 24
Retrieving Cookie Value
PHP provides three ways of
retrieving a cookie value:
Passing a variable as cookie name
Using $_COOKIE[]
Using $HTTP_COOKIE_VARS[]
PHP / Session 16 / Slide 14 of 24
Passing Variable as Cookie Name
Use the variable as the cookie
name
Syntax:
echo $cookie_name
PHP searches all the variables
present in the client computer
Works only when the
‘register_globals’ is disabled in
the configuration file
PHP / Session 16 / Slide 15 of 24
Using $_COOKIE[]
Requires PHP 4.1
Simpler and more secured than
using the $HTTP_COOKIE_VARS[]
Syntax:
$_COOKIE[‘$cookie_name’]
PHP / Session 16 / Slide 16 of 24
Using $HTTP_COOKIE_VARS[]
Global variable that reads a value
of the cookie
PHP passes the name of the variable
as the key to the
$HTTP_COOKIE_VARS[] array
Syntax:
$HTTP_COOKIE_VARS[$cookie_name];
PHP / Session 16 / Slide 17 of 24
Deleting a Cookie - I
Similar to setting a cookie
Two ways to delete a cookie:
Resetting the expiry time of the cookie to a
time in the past
Resetting the cookie by specifying the name of
the cookie
PHP / Session 16 / Slide 18 of 24
Deleting a Cookie - II
Example to delete a cookie with a
date in the past:
setcookie ("$cookie_name", "",
time()-8000);
Example to delete Cookie by
specifying the name of the cookie:
setcookie($cookie_name);
PHP / Session 16 / Slide 19 of 24
Drawbacks of Cookies - I
Cookies are not considered secured
and reliable
Some of the drawbacks of cookies:
Cookies cannot contain more than a certain amount of
information
Only a maximum of 20 cookies of a domain can be
maintained
A browser can maintain a maximum of 300 cookies
Storing large number of cookie files slows down the computer
PHP / Session 16 / Slide 20 of 24
Drawbacks of Cookies - II
Some users disable cookies while accessing
websites
There can be multiple persons using the same
computer visiting the same website
Cookies need to be called on each Web page
PHP / Session 16 / Slide 21 of 24
Summary - I
Websites use cookies to store userspecific information
Cookies are stored on the Web
browser’s hard disks
User information and preferences are
send to and from the Web browser
Types of cookies:
Persistent
Non-persistent
Web server sends the cookie in a SetCookie header field
PHP / Session 16 / Slide 22 of 24
Summary - II
PHP provides three ways of
retrieving a cookie value:
Passing a variable as cookie name
Using $_COOKIE[]
Using $HTTP_COOKIE_VARS[]
PHP uses two functions to set a
cookie, such as
setcookie()
setrawcookie()
PHP / Session 16 / Slide 23 of 24
Summary - III
Two ways to delete a cookie:
Resetting the expiry time of the cookie to a time in the past
Resetting the cookie by specifying the name of the cookie
Drawbacks of cookies:
Cookies cannot contain more than a certain amount of information
Only a maximum of 20 cookies of a domain can be maintained
A browser can maintain a maximum of 300 cookies
Some users disable cookies while accessing websites
Storing large number of cookie files slows down the computer
PHP / Session 16 / Slide 24 of 24