Post on 19-Mar-2020
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Using PHP in a WebApplication
Internet Applications, ID1354
1 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Contents
2 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Section
3 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
CookiesI HTTP is stateless. Still there are many
reasons why it is useful for a server toidentify the client.
I Authentication (login)I SettingsI AdvertisingI Shopping basket
I This is solved with cookies.I A cookie is a name/value pair passed
between browser and server in the HTTPheader.
I A cookie is only passed to the server fromwhich it originated.
4 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
CookiesI HTTP is stateless. Still there are many
reasons why it is useful for a server toidentify the client.
I Authentication (login)I SettingsI AdvertisingI Shopping basket
I This is solved with cookies.
I A cookie is a name/value pair passedbetween browser and server in the HTTPheader.
I A cookie is only passed to the server fromwhich it originated.
4 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
CookiesI HTTP is stateless. Still there are many
reasons why it is useful for a server toidentify the client.
I Authentication (login)I SettingsI AdvertisingI Shopping basket
I This is solved with cookies.I A cookie is a name/value pair passed
between browser and server in the HTTPheader.
I A cookie is only passed to the server fromwhich it originated.
4 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
CookiesI HTTP is stateless. Still there are many
reasons why it is useful for a server toidentify the client.
I Authentication (login)I SettingsI AdvertisingI Shopping basket
I This is solved with cookies.I A cookie is a name/value pair passed
between browser and server in the HTTPheader.
I A cookie is only passed to the server fromwhich it originated.
4 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
CookiesI HTTP is stateless. Still there are many
reasons why it is useful for a server toidentify the client.
I Authentication (login)I SettingsI AdvertisingI Shopping basket
I This is solved with cookies.I A cookie is a name/value pair passed
between browser and server in the HTTPheader.
I A cookie is only passed to the server fromwhich it originated.
4 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Set a CookieI Cookies are set with the setcookie
function. Since cookies are sent as HTTPheaders, this function must be called beforeany output is generated.
setcookie (string $name, string $value,int $expire = 0, string $path,string $domain, bool $secure = false,bool $httponly = false)
I name and value is the cookie’sname/value pair.
I expire tells the instant in time when thecookie expires. time() returns thecurrent time, so time()+60*60*24*30sets the cookie to expire in 30 days.
5 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Set a CookieI Cookies are set with the setcookie
function. Since cookies are sent as HTTPheaders, this function must be called beforeany output is generated.
setcookie (string $name, string $value,int $expire = 0, string $path,string $domain, bool $secure = false,bool $httponly = false)
I name and value is the cookie’sname/value pair.
I expire tells the instant in time when thecookie expires. time() returns thecurrent time, so time()+60*60*24*30sets the cookie to expire in 30 days.
5 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Set a CookieI Cookies are set with the setcookie
function. Since cookies are sent as HTTPheaders, this function must be called beforeany output is generated.
setcookie (string $name, string $value,int $expire = 0, string $path,string $domain, bool $secure = false,bool $httponly = false)
I name and value is the cookie’sname/value pair.
I expire tells the instant in time when thecookie expires. time() returns thecurrent time, so time()+60*60*24*30sets the cookie to expire in 30 days.
5 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Set a CookieI Cookies are set with the setcookie
function. Since cookies are sent as HTTPheaders, this function must be called beforeany output is generated.
setcookie (string $name, string $value,int $expire = 0, string $path,string $domain, bool $secure = false,bool $httponly = false)
I name and value is the cookie’sname/value pair.
I expire tells the instant in time when thecookie expires. time() returns thecurrent time, so time()+60*60*24*30sets the cookie to expire in 30 days.
5 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Retrieve a Cookie
I Cookies are retrieved using the $_COOKIEsuperglobal, which is an array containing allcookies included in the current request.
I The following statement retrieves allcookies with the name userid.$_COOKIE["userid"];
I The isset function can be used to checkif a cookie is set.if (!isset($_COOKIE["userid"])) {
echo ’<a href="login.php">log in</a>’;}
6 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Retrieve a Cookie
I Cookies are retrieved using the $_COOKIEsuperglobal, which is an array containing allcookies included in the current request.
I The following statement retrieves allcookies with the name userid.$_COOKIE["userid"];
I The isset function can be used to checkif a cookie is set.if (!isset($_COOKIE["userid"])) {
echo ’<a href="login.php">log in</a>’;}
6 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
To Retrieve a Cookie
I Cookies are retrieved using the $_COOKIEsuperglobal, which is an array containing allcookies included in the current request.
I The following statement retrieves allcookies with the name userid.$_COOKIE["userid"];
I The isset function can be used to checkif a cookie is set.if (!isset($_COOKIE["userid"])) {
echo ’<a href="login.php">log in</a>’;}
6 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Third Party CookiesI Cookies set by a server with a domain
name different from the server’s.I If many servers set the same third party
cookie, the third party server can track theuser’s surfing.
I Typically used for marketing.I There are many other ways, beside
cookies, to identify a user for trackingpurposes, for example IP address, installedsoftware, fingerprinting browserinformation, social networks, pixelplacement + url rewriting, etc.
7 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Third Party CookiesI Cookies set by a server with a domain
name different from the server’s.I If many servers set the same third party
cookie, the third party server can track theuser’s surfing.
I Typically used for marketing.
I There are many other ways, besidecookies, to identify a user for trackingpurposes, for example IP address, installedsoftware, fingerprinting browserinformation, social networks, pixelplacement + url rewriting, etc.
7 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Third Party CookiesI Cookies set by a server with a domain
name different from the server’s.I If many servers set the same third party
cookie, the third party server can track theuser’s surfing.
I Typically used for marketing.I There are many other ways, beside
cookies, to identify a user for trackingpurposes, for example IP address, installedsoftware, fingerprinting browserinformation, social networks, pixelplacement + url rewriting, etc.
7 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Third Party CookiesI Cookies set by a server with a domain
name different from the server’s.I If many servers set the same third party
cookie, the third party server can track theuser’s surfing.
I Typically used for marketing.I There are many other ways, beside
cookies, to identify a user for trackingpurposes, for example IP address, installedsoftware, fingerprinting browserinformation, social networks, pixelplacement + url rewriting, etc.
7 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The EU Cookie LawA person shall not store or gain access toinformation stored, in the terminal equipment ofa subscriber or user unless the requirements ofparagraph (2) are met.
(2) The requirements are that the subscriber oruser of that terminal equipment
1. is provided with clear and comprehensiveinformation about the purposes of thestorage of, or access to, that information;and
2. has given his or her consent.
8 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Exceptions To The Law
I The cookie is for the sole purpose ofcarrying out the transmission of acommunication over an electroniccommunications network.
I Not relevant here.
I The cookie is strictly necessary for theprovision of an information society servicerequested by the subscriber or user.
I Likely applies to authentication and shoppingbaskets.
9 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Exceptions To The Law
I The cookie is for the sole purpose ofcarrying out the transmission of acommunication over an electroniccommunications network.
I Not relevant here.I The cookie is strictly necessary for the
provision of an information society servicerequested by the subscriber or user.
I Likely applies to authentication and shoppingbaskets.
9 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Exceptions To The Law
I The cookie is for the sole purpose ofcarrying out the transmission of acommunication over an electroniccommunications network.
I Not relevant here.I The cookie is strictly necessary for the
provision of an information society servicerequested by the subscriber or user.
I Likely applies to authentication and shoppingbaskets.
9 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Exceptions To The Law
I The cookie is for the sole purpose ofcarrying out the transmission of acommunication over an electroniccommunications network.
I Not relevant here.I The cookie is strictly necessary for the
provision of an information society servicerequested by the subscriber or user.
I Likely applies to authentication and shoppingbaskets.
9 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Do Not Track Specification
I Do Not Track, DNT, is a W3C specificationenabling the user to express preferencesregarding tracking.
I Defines a HTTP header, and how to handleit on the server.
I It is not mandatory in any way to obey theusers preferences.
I Must be implemented by server developer.
10 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Do Not Track Specification
I Do Not Track, DNT, is a W3C specificationenabling the user to express preferencesregarding tracking.
I Defines a HTTP header, and how to handleit on the server.
I It is not mandatory in any way to obey theusers preferences.
I Must be implemented by server developer.
10 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Do Not Track Specification
I Do Not Track, DNT, is a W3C specificationenabling the user to express preferencesregarding tracking.
I Defines a HTTP header, and how to handleit on the server.
I It is not mandatory in any way to obey theusers preferences.
I Must be implemented by server developer.
10 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Do Not Track Specification
I Do Not Track, DNT, is a W3C specificationenabling the user to express preferencesregarding tracking.
I Defines a HTTP header, and how to handleit on the server.
I It is not mandatory in any way to obey theusers preferences.
I Must be implemented by server developer.
10 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
ArchitectureQuestion 1
11 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Section
12 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
SessionsI A session is the time span during which a particular
browser interacts with a particular server.
I For session tracking, PHP creates and maintains asession tracking id (Unique ID, UID), for each visitorand stores variables based on this UID.
I The UID is stored on the client, for example in acookie or as part of URLs, and included in eachrequest to the server.
I The only way to terminate a session is to manuallyunset all data related to the session in theserver-side code.
I If a session is not explicitly terminated, it times outafter an interval specified in server configuration,and session data is removed.
13 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
SessionsI A session is the time span during which a particular
browser interacts with a particular server.
I For session tracking, PHP creates and maintains asession tracking id (Unique ID, UID), for each visitorand stores variables based on this UID.
I The UID is stored on the client, for example in acookie or as part of URLs, and included in eachrequest to the server.
I The only way to terminate a session is to manuallyunset all data related to the session in theserver-side code.
I If a session is not explicitly terminated, it times outafter an interval specified in server configuration,and session data is removed.
13 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
SessionsI A session is the time span during which a particular
browser interacts with a particular server.
I For session tracking, PHP creates and maintains asession tracking id (Unique ID, UID), for each visitorand stores variables based on this UID.
I The UID is stored on the client, for example in acookie or as part of URLs, and included in eachrequest to the server.
I The only way to terminate a session is to manuallyunset all data related to the session in theserver-side code.
I If a session is not explicitly terminated, it times outafter an interval specified in server configuration,and session data is removed.
13 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
SessionsI A session is the time span during which a particular
browser interacts with a particular server.
I For session tracking, PHP creates and maintains asession tracking id (Unique ID, UID), for each visitorand stores variables based on this UID.
I The UID is stored on the client, for example in acookie or as part of URLs, and included in eachrequest to the server.
I The only way to terminate a session is to manuallyunset all data related to the session in theserver-side code.
I If a session is not explicitly terminated, it times outafter an interval specified in server configuration,and session data is removed.
13 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
SessionsI A session is the time span during which a particular
browser interacts with a particular server.
I For session tracking, PHP creates and maintains asession tracking id (Unique ID, UID), for each visitorand stores variables based on this UID.
I The UID is stored on the client, for example in acookie or as part of URLs, and included in eachrequest to the server.
I The only way to terminate a session is to manuallyunset all data related to the session in theserver-side code.
I If a session is not explicitly terminated, it times outafter an interval specified in server configuration,and session data is removed.
13 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Session Management
I A session is started with thesession_start function.
I To associate data with a session, use the$_SESSION superglobal.
I To delete all data from the session, use thesession_destroy function.
14 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Session Management
I A session is started with thesession_start function.
I To associate data with a session, use the$_SESSION superglobal.
I To delete all data from the session, use thesession_destroy function.
14 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Session Management
I A session is started with thesession_start function.
I To associate data with a session, use the$_SESSION superglobal.
I To delete all data from the session, use thesession_destroy function.
14 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is session data saved?
I We must understand that the lifetime of aPHP variable is limited to the execution ofthe program where it is created.
I This means that a variable created in onerequest will not exist in later requests.
I Therefore, the content of $_SESSIONmust be stored externally to the PHPinterpreter.
I This storage is called a session savehandler, and is configurable. Normally, andalso normally by default, a file is used.
15 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is session data saved?
I We must understand that the lifetime of aPHP variable is limited to the execution ofthe program where it is created.
I This means that a variable created in onerequest will not exist in later requests.
I Therefore, the content of $_SESSIONmust be stored externally to the PHPinterpreter.
I This storage is called a session savehandler, and is configurable. Normally, andalso normally by default, a file is used.
15 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is session data saved?
I We must understand that the lifetime of aPHP variable is limited to the execution ofthe program where it is created.
I This means that a variable created in onerequest will not exist in later requests.
I Therefore, the content of $_SESSIONmust be stored externally to the PHPinterpreter.
I This storage is called a session savehandler, and is configurable. Normally, andalso normally by default, a file is used.
15 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is session data saved?
I We must understand that the lifetime of aPHP variable is limited to the execution ofthe program where it is created.
I This means that a variable created in onerequest will not exist in later requests.
I Therefore, the content of $_SESSIONmust be stored externally to the PHPinterpreter.
I This storage is called a session savehandler, and is configurable. Normally, andalso normally by default, a file is used.
15 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is a session identified?I To fill the $_SESSION superglobal with the
current user’s data, the session savehandler must be able to identify the user.
I This is normally done using a cookie.
I After session_start is called, PHP willlook for a cookie named PHPSESSID.
I If it is present, its value will be used as the idof the current session.
I If it is not present, it will be created and itsvalue will be set to the id of the currentsession.
I We must understand that the PHPSESSIDcookie is the link between a browser andthat browser’s session data on the server.
16 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is a session identified?I To fill the $_SESSION superglobal with the
current user’s data, the session savehandler must be able to identify the user.
I This is normally done using a cookie.I After session_start is called, PHP will
look for a cookie named PHPSESSID.
I If it is present, its value will be used as the idof the current session.
I If it is not present, it will be created and itsvalue will be set to the id of the currentsession.
I We must understand that the PHPSESSIDcookie is the link between a browser andthat browser’s session data on the server.
16 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is a session identified?I To fill the $_SESSION superglobal with the
current user’s data, the session savehandler must be able to identify the user.
I This is normally done using a cookie.I After session_start is called, PHP will
look for a cookie named PHPSESSID.I If it is present, its value will be used as the id
of the current session.
I If it is not present, it will be created and itsvalue will be set to the id of the currentsession.
I We must understand that the PHPSESSIDcookie is the link between a browser andthat browser’s session data on the server.
16 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is a session identified?I To fill the $_SESSION superglobal with the
current user’s data, the session savehandler must be able to identify the user.
I This is normally done using a cookie.I After session_start is called, PHP will
look for a cookie named PHPSESSID.I If it is present, its value will be used as the id
of the current session.I If it is not present, it will be created and its
value will be set to the id of the currentsession.
I We must understand that the PHPSESSIDcookie is the link between a browser andthat browser’s session data on the server.
16 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is a session identified?I To fill the $_SESSION superglobal with the
current user’s data, the session savehandler must be able to identify the user.
I This is normally done using a cookie.I After session_start is called, PHP will
look for a cookie named PHPSESSID.I If it is present, its value will be used as the id
of the current session.I If it is not present, it will be created and its
value will be set to the id of the currentsession.
I We must understand that the PHPSESSIDcookie is the link between a browser andthat browser’s session data on the server.
16 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
How is a session identified?I To fill the $_SESSION superglobal with the
current user’s data, the session savehandler must be able to identify the user.
I This is normally done using a cookie.I After session_start is called, PHP will
look for a cookie named PHPSESSID.I If it is present, its value will be used as the id
of the current session.I If it is not present, it will be created and its
value will be set to the id of the currentsession.
I We must understand that the PHPSESSIDcookie is the link between a browser andthat browser’s session data on the server.
16 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Session Example
At session startconst USER_KEY = ’user_key’;session_start();//Assuming $user is an object with user data.$_SESSION[USER_KEY] = serialize($user);
During the sessionif (isset($_SESSION[USER_KEY]) {
$my_data = unserialize($_SESSION[USER_KEY]);}
At session end.session_destroy();
17 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Session Example
At session startconst USER_KEY = ’user_key’;session_start();//Assuming $user is an object with user data.$_SESSION[USER_KEY] = serialize($user);
During the sessionif (isset($_SESSION[USER_KEY]) {
$my_data = unserialize($_SESSION[USER_KEY]);}
At session end.session_destroy();
17 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Session Example
At session startconst USER_KEY = ’user_key’;session_start();//Assuming $user is an object with user data.$_SESSION[USER_KEY] = serialize($user);
During the sessionif (isset($_SESSION[USER_KEY]) {
$my_data = unserialize($_SESSION[USER_KEY]);}
At session end.session_destroy();
17 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
ArchitectureQuestion 2
18 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Section
19 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
HTTP Parameters
I The $_GET and $_POST superglobals areused to retrieve HTTP parameters, forexample user input in a form.
I $_GET is an array with all parameters in aHTTP GET request, $_POST is a similararray for a POST request.
20 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
HTTP Parameters
I The $_GET and $_POST superglobals areused to retrieve HTTP parameters, forexample user input in a form.
I $_GET is an array with all parameters in aHTTP GET request, $_POST is a similararray for a POST request.
20 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
HTTP Parameter Example
The following code retrieves the value of theaddress parameter, which might originatefrom an HTML form.//The text field where the user types the address//must have the attribute name=’address’
const ADDRESS_KEY = ’address’;if (isset($_POST[ADDRESS_KEY])) {
$address = $_POST[ADDRESS_KEY];}
21 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
ArchitectureQuestion 3
22 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Section
23 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Application Scope DataI As opposed to other server-side
technologies, PHP does not havesomething like a $_SESSION superglobalthat is shared between different users.
I If data is to be shared between differentusers, such a mechanism must beconstructed.
I A simple approach is to store data withapplication scope in a file.
I Other alternatives are a database, an xmlfile or a plug-in such as memcached,http://www.memcached.org/, whichstores key/value pairs in memory.
24 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Application Scope DataI As opposed to other server-side
technologies, PHP does not havesomething like a $_SESSION superglobalthat is shared between different users.
I If data is to be shared between differentusers, such a mechanism must beconstructed.
I A simple approach is to store data withapplication scope in a file.
I Other alternatives are a database, an xmlfile or a plug-in such as memcached,http://www.memcached.org/, whichstores key/value pairs in memory.
24 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Application Scope DataI As opposed to other server-side
technologies, PHP does not havesomething like a $_SESSION superglobalthat is shared between different users.
I If data is to be shared between differentusers, such a mechanism must beconstructed.
I A simple approach is to store data withapplication scope in a file.
I Other alternatives are a database, an xmlfile or a plug-in such as memcached,http://www.memcached.org/, whichstores key/value pairs in memory.
24 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Application Scope DataI As opposed to other server-side
technologies, PHP does not havesomething like a $_SESSION superglobalthat is shared between different users.
I If data is to be shared between differentusers, such a mechanism must beconstructed.
I A simple approach is to store data withapplication scope in a file.
I Other alternatives are a database, an xmlfile or a plug-in such as memcached,http://www.memcached.org/, whichstores key/value pairs in memory.
24 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
File Handling
I Simple file handling can be done withfile_put_contents, which writes to afile, and file_get_contents, whichreads.
\file_put_contents($path_to_file,$data, FILE_APPEND);
\file_get_contents($path_to_file));
25 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
File Handling
I Simple file handling can be done withfile_put_contents, which writes to afile, and file_get_contents, whichreads.
\file_put_contents($path_to_file,$data, FILE_APPEND);
\file_get_contents($path_to_file));
25 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
ArchitectureQuestion 4
26 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Section
27 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Problem
I There is a list with buttons(or links) for multiple items,like the chat applicationexample to the left.
I How can we know whichbutton the user clicked? Inthis chat example, howcan we know which entryStina wants to delete?
28 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Problem
I There is a list with buttons(or links) for multiple items,like the chat applicationexample to the left.
I How can we know whichbutton the user clicked? Inthis chat example, howcan we know which entryStina wants to delete?
28 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Hidden Field
I Make a form for each item in the list.I In this chat example, that means one form for
each entry that has a Delete button.
I Each form includes a hidden field, whichholds an identifier for the list item where theform is placed.
I In this example, we use the time when theentry was written as identifier.
29 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Hidden Field
I Make a form for each item in the list.I In this chat example, that means one form for
each entry that has a Delete button.I Each form includes a hidden field, which
holds an identifier for the list item where theform is placed.
I In this example, we use the time when theentry was written as identifier.
29 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Hidden Field
I Make a form for each item in the list.I In this chat example, that means one form for
each entry that has a Delete button.I Each form includes a hidden field, which
holds an identifier for the list item where theform is placed.
I In this example, we use the time when theentry was written as identifier.
29 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Hidden Field
I Make a form for each item in the list.I In this chat example, that means one form for
each entry that has a Delete button.I Each form includes a hidden field, which
holds an identifier for the list item where theform is placed.
I In this example, we use the time when theentry was written as identifier.
29 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Hidden Field
I A hidden field is not displayed in thebrowser, but included when the form issubmitted.
I The HTML for the chat conversation is listedbelow.
30 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Hidden FieldI A hidden field is not displayed in the
browser, but included when the form issubmitted.
I The HTML for the chat conversation is listedbelow.
30 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Server CodeI On the server, we simply read the
timestamp of the submitted form and deletethe entry with that timestamp.
I Code is not complete, just illustrates theprinciple. Complete code is found oncourse web page.
for ($i = count($entries) - 1; $i >= 0; $i--) {$entry = unserialize($entries[$i]);if ($entry->getTimestamp() ==
$_GET[CHAT_TIMESTAMP_KEY]) {$entry->setDeleted(true);$entries[$i] = serialize($entry);break;
}}
31 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
The Solution, Server CodeI On the server, we simply read the
timestamp of the submitted form and deletethe entry with that timestamp.
I Code is not complete, just illustrates theprinciple. Complete code is found oncourse web page.
for ($i = count($entries) - 1; $i >= 0; $i--) {$entry = unserialize($entries[$i]);if ($entry->getTimestamp() ==
$_GET[CHAT_TIMESTAMP_KEY]) {$entry->setDeleted(true);$entries[$i] = serialize($entry);break;
}}
31 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
ArchitectureQuestion 5
32 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Section
33 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Remember Object OrientedDesign?
I We want the code to be easy to modify andeasy to understand. To achieve this weneed (among other things):
I High Cohesion, Each class, method, etchas well-defined knowledge and awell-defined task.
I Low coupling, Objects and subsystems donot depend on each other more thannecessary.
I Encapsulation, Objects and subsystems donot reveal their internals.
34 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Remember Object OrientedDesign?
I We want the code to be easy to modify andeasy to understand. To achieve this weneed (among other things):
I High Cohesion, Each class, method, etchas well-defined knowledge and awell-defined task.
I Low coupling, Objects and subsystems donot depend on each other more thannecessary.
I Encapsulation, Objects and subsystems donot reveal their internals.
34 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Remember Object OrientedDesign?
I We want the code to be easy to modify andeasy to understand. To achieve this weneed (among other things):
I High Cohesion, Each class, method, etchas well-defined knowledge and awell-defined task.
I Low coupling, Objects and subsystems donot depend on each other more thannecessary.
I Encapsulation, Objects and subsystems donot reveal their internals.
34 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
Remember Object OrientedDesign?
I We want the code to be easy to modify andeasy to understand. To achieve this weneed (among other things):
I High Cohesion, Each class, method, etchas well-defined knowledge and awell-defined task.
I Low coupling, Objects and subsystems donot depend on each other more thannecessary.
I Encapsulation, Objects and subsystems donot reveal their internals.
34 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.
I This means using one PHP file for eachpossible HTTP request.
I However, handling everything related to aparticular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.I High coupling since code for view handling,
database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.I This means using one PHP file for each
possible HTTP request.
I However, handling everything related to aparticular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.I High coupling since code for view handling,
database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.I This means using one PHP file for each
possible HTTP request.I However, handling everything related to a
particular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.I High coupling since code for view handling,
database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.I This means using one PHP file for each
possible HTTP request.I However, handling everything related to a
particular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.
I High coupling since code for view handling,database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.I This means using one PHP file for each
possible HTTP request.I However, handling everything related to a
particular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.I High coupling since code for view handling,
database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.I This means using one PHP file for each
possible HTTP request.I However, handling everything related to a
particular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.I High coupling since code for view handling,
database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Very Simple ArchitectureI Server-side architecture is covered
extensively later in the course.I For now, we will use a very simple
architecture.I This means using one PHP file for each
possible HTTP request.I However, handling everything related to a
particular HTTP request in a separate filehas big disadvantages:
I Low cohesion since that file will do everything.I High coupling since code for view handling,
database access, etc, will be placed in thesame file.
I Duplicated code since similar code will appearin several such files.
35 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Slightly Better ArchitectureI Fragments (header, footer, etc) are
placed in a separate directory andincluded in each page.
I View (HTML code) is placed in separatefiles, chat.php and index.php.
I Entry.php is a class that representsan entry in the conversation. It isincluded where needed in the HTTPrequest handling PHP files.
I keys.php holds some constants thatare used in multiple places. It is includedwhere needed in the HTTP requesthandling PHP files.
I The files handling HTTP requests are login.php,store-entry.php and delete-entry.php
36 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Slightly Better ArchitectureI Fragments (header, footer, etc) are
placed in a separate directory andincluded in each page.
I View (HTML code) is placed in separatefiles, chat.php and index.php.
I Entry.php is a class that representsan entry in the conversation. It isincluded where needed in the HTTPrequest handling PHP files.
I keys.php holds some constants thatare used in multiple places. It is includedwhere needed in the HTTP requesthandling PHP files.
I The files handling HTTP requests are login.php,store-entry.php and delete-entry.php
36 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Slightly Better ArchitectureI Fragments (header, footer, etc) are
placed in a separate directory andincluded in each page.
I View (HTML code) is placed in separatefiles, chat.php and index.php.
I Entry.php is a class that representsan entry in the conversation. It isincluded where needed in the HTTPrequest handling PHP files.
I keys.php holds some constants thatare used in multiple places. It is includedwhere needed in the HTTP requesthandling PHP files.
I The files handling HTTP requests are login.php,store-entry.php and delete-entry.php
36 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Slightly Better ArchitectureI Fragments (header, footer, etc) are
placed in a separate directory andincluded in each page.
I View (HTML code) is placed in separatefiles, chat.php and index.php.
I Entry.php is a class that representsan entry in the conversation. It isincluded where needed in the HTTPrequest handling PHP files.
I keys.php holds some constants thatare used in multiple places. It is includedwhere needed in the HTTP requesthandling PHP files.
I The files handling HTTP requests are login.php,store-entry.php and delete-entry.php
36 / 36
PHP
Cookies
HTTP Sessions
HTTP Parameters
Application Scopeand File Handling
To Identify a List Item
Architecture
A Slightly Better ArchitectureI Fragments (header, footer, etc) are
placed in a separate directory andincluded in each page.
I View (HTML code) is placed in separatefiles, chat.php and index.php.
I Entry.php is a class that representsan entry in the conversation. It isincluded where needed in the HTTPrequest handling PHP files.
I keys.php holds some constants thatare used in multiple places. It is includedwhere needed in the HTTP requesthandling PHP files.
I The files handling HTTP requests are login.php,store-entry.php and delete-entry.php
36 / 36