Cookies ans sessions

Cookies (client-side storage)

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- 
Cookies in PHP
Author: Elena Machkasova elenam@morris.umn.edu 
Last modified: 4/25/06 
--> 

<?php
// we must deal with cookies BEFORE the starting html tag

// get the cookie from the request, if there is a cookie
$count = $_COOKIE['count'];
// check if there was a cookie
if (!isset($count)) {
	$count = 0;	
}
// increment the counter
$count++;
// send back the cookie with the new count
// the cookie will expire in 10 minutes
setcookie('count', $count, time() + 600);
?>
<html>
<head>
<title>
Counting visits to a page
</title>
</head>
<body>
<?php
if ($count == 1) print "Welcome, new visitor!\n";
else print "Welcome back! You visited this page ".($count - 1)." times. \n";
?>

</body>
</html>

Sessions (server-side storage, cookies used for ID)

<?php
// -------------- define functions -----------------
function isvalid($user, $password) {
	// check if the user's password is valid
	// at this point all non-empty passwords are valid
	if ($password != "") return true;
	return false;	
}

function print_login_form() {
	$form_string = "
	<form name=\"theform\" method=\"POST\" 
	action=\"http://rynite.morris.umn.edu/~elenam/php_examples/sessions/login_session1.php\">
	<table border=\"0\">

	<tr>
	<td>Enter your user name:</td>
	<td>
	<input type = \"text\" name = \"user\">
	</td>

	</tr>
	<tr>
	<td>Enter your password:</td>
	<td>
	<input type = \"password\" name = \"password\">

	</td>
	</tr>
	<tr>
	<td>
	<input type=\"submit\" name = \"submit\" value=\"submit\">
	</td>

	</tr>
	</table>
	</form><br/>
	";
	print $form_string;
}
// ---------------- end of functions -----------------

// since sessions are handled with cookies, we must start
// a session before any HTML tags
session_start();
$display_form = true;
if (!isset($_SESSION['user'])) {
	// check if the user is responding to login form
	$user = $_POST['user'];
	$password = $_POST['password'];	
	if (isset($user)) {
		if (isvalid($user, $password)) {
			// the user logged in - no need to display form
			$_SESSION['user'] = $user;
			$display_form = false; 
		}
	}
} else {
	// returning user - no need to display the form
	$display_form = false;	
}
?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- 
Handling login via sessions in PHP
Author: Elena Machkasova elenam@morris.umn.edu 
Last modified: 4/25/06 
--> 


<html>
<head>
<title>
Handling user's login - page 1
</title>
</head>
<body>
<?php
if ($display_form) {
	print_login_form();	
} else {
	print "Welcome, ".$_SESSION['user']."!<br/>\n";	
	print "<a href=\"login_session2.php\">Logout</a><br/>\n";
}
?>

</body>
</html>

<?php 
session_start();
$user = $_SESSION['user'];
session_destroy(); 
?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- 
Handling login via sessions in PHP
Author: Elena Machkasova elenam@morris.umn.edu 
Last modified: 4/25/06 
--> 

<html>
<head>

<title>
Handling user's login - page 2 (logout).
</title>
</head>
<body>
<?php
print "Bye, $user<br/>\n";
print "To login again, click <a href=\"login_session1.php\">here</a><br/>\n";
?>

</body>
</html>