The first time a user accesses to a our pages
some connections and disconnections took place. During this process the
server and the client will interchange information to identify each
other.
PHP: Session
|
The first time a user accesses to a our pages some connections
and disconnections
took place. During this process the server and the client will
interchange
information to identify each other. Due to this exchange of information
our
server will be able to identify a specific user and this information
may be
use to assign specific information to each specific client. This
relationship
between computers is call a session. During the time a session is
active,
it is possible to assign information to a specific client by using Session related commands. After a few
minutes, the session will
expire, so that information
will be lost.
|
Showing number of times we have
visit
a page during a session
| counter.php |
|
<?
session_start();
$counter++;
print"You have visited this page $counter
times during this session";
session_register("counter");
?> |
1
2
3
4
5
6
|
In the example above each time we visit the page "counter.php"
during a
session we will show the message:
You have visited this page XXX times
during this
session
Where XXX is the number of time we have visited the page (reload to
increase
the number by one).
In line 2 of the script we have start a session, we have definned a
variable
named $counter and its value has been increased by one (in line 3;
$counter++ is equivalent to $counter= $counter+1), we
have
print a text (including the variable $counter) and finally we have
register
the session (we have included the name of our variable without "$" when
using
the latter command). Each time we visit this page the value for
$counter will
be increased by one.
This example will count the number of visits of each visitor; the
value
of the counter will be specific for each visitor.
In this example we have create a variable names $counter, but we may
create
additonal variables to save information from our visitors (p.e.
$the_color,
$the_age, etc) and we will need to register all of them (p.e.
session_register("the_color"),
session_register("The_age"), etc).
We may include the code above in several pages (p.e in
page1.php,
pahe2.php, etc), so that we will get the number of pages we have visit
on
that site during the active session.
| |
Password protection
using sessions
Let's suppose we want to allow specific user to access the
information
on our site. We will create a page named "index.php" to allow visitors
to
identify themselves, and additional pages (page1.php, page2.php...)
which
restricted access.
In this example we will consider two users (with usernames Joe or
Peter) and
the corresponding passwords(hi or hello).
|
| index.php |
|
| <?php if($_POST["username"]=="")
{ ?>
<html>
<title>Our private pages</title>
<body>
In order to access this pages fill the form
below:<BR>
<form method="post" action="index.php">
Username: <input type="text" name="username"
size="20"><BR>
Password: <input type="password" name="password"
size="15"><BR>
<input type="Submit" value="Submit">
</form>
</body>
</html>
<?php }else{
$username=$_POST["username"];
$password=$_POST["password"];
session_start();
if ($username=="Joe" AND $password=="hi"){
$permission="yes";}
if ($username=="Peter" AND $password=="hello"){
$permission="yes";}
$username=$_POST["username"];
session_register("permission");
session_register("username");
if($permission=="yes"){
?>
<html>
<title>Our private
pages</title>
<body>
Hi, you are allow to see these
pages: <BR>
<A href="page1.php">Page
1</A><BR>
<A href="page2.php">Page
2</A>
</body>
</html>
<?php }else{ ?>
Error in username or password
<?php } ?>
<?php } ?> |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
| |
|
Let's explain how this page works:
In line 1 it is checked whether information is submitted throw a
form.
If the answer is negative ($_POST["username"]==""), a form is
displayed
asking for username and password.
After filling the form and submitting it,
as $_POST["username"]
is not "", the script will jump to line 15. In line 16 and 17 user
entered
values for "username" and "password" are saved to variables $username
and
$pasword.
In lines 19 and 20 it is checked whether the username and password
provided
is one of the authorized ones. If so, variable $permission is set
up
as "yes". We may add several lines as the ones in lines 19 and 20 to
add
authorized usernames and passwords. then commands bellow are executed
(lines
20-25)
As shown in the the example "Showing
number
of times we have visit a page during a session" upper
in this page, between lines 18 and 24
we
will set up session related variables after session_start() and we will
register
these variables (so that we will be able to keep that information in
the
server during the time the session is active).
Finally, if username and password are correct, a response page with
links
is send to the visitor (lines 29-37). In this example, if the username
or
password are incorrect the response page will include the text in line
40.
Now, let's suppose the user clicks in the link "Page 1" (page1.php).
The
code of page1.php will be the following one:
| page1.php |
|
<?php
session_start();
if($permission=="yes") {
?>
<html>
<title>Page 1</title>
<body>
Hi, welcome to Page 1 <BR>
This page is empty at the moment, but it will be
very interesting in
the next
future
</body>
</html>
<?php }else{ ?>
You are not allowed to access this page
<?php } ?>
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
In lines 1-4 it is check whether the value for "$permission" is
"yes".
If the answer is positive a page with information is send to the
client. If
the answer is negative, the text in line 17 is send.
NOTES:
- Using session to keep information from visitors is suitable for
sites
with a limited number of visitors. For sites with a bigger number of
visitors
it is preferable to keep the information in the clients computer (by
using
cookies).
|
