Keeping state

One of the big problems in writing any sort of interactive system using the web is keeping state information.

Of course HTTP and the web in general is a stateless system and in the main this is good – except when you want to keep track of users as they wander though your website.

The traditional way of doing this is to use a cookie and PHP has direct cookie support. In particular it has a command that allows you to send additional HTTP headers – the header() function. This is easy to use but you have to remember to use it before you send any other output to the web page, i.e. headers have to come first. You can use this to create cookies by sending “Set-Cookie” headers but a simpler way of doing the same thing is to use the setcookie function.

This also has to be used right at the start of a web page but it has standard parameters for the cookie:

Setcookie(name,value, time, path,domain);

So much for setting cookies what about accessing them?

Well in PHP this is trivial because just like CGI parameters it converts cookies into elements of the $_COOKIE array.

For example, if you use:

<?php
 setcookie(“cook1”,”1”);
?>

then when a web page loads the cookie a element called cook1 will be created and it will contain the value “1”.

So you can write:

if (isset($_COOKIE["cook1"])
{
 print $item;
}
else
{
 print "no cookie!!!";
}

To make this work you have to place the setcookie PHP in the web page before anything else including the <html> tag. Also as no time or any other parameters are specified the cookie is a session cookie and deleted as soon as the browser closes.

Notice that there is a big difference between this approach and a client side approach. In this case the cookie variables are only set after the client has sent the cookie back to the server. What this means is that the cookie variables are unset in the page that actually writes the cookie to the client. It is not until you move too another page is the cookie available. This makes testing the above more difficult than you might imagine.

PHP Session

A better way of keeping state information, because of users irrational fear of cookies, is the PHP session.  This is similar to the ASP.NET session object and it can make use of any of cookies, hidden form fields and URL encoding to maintain state information. In this case we have the $_SESSION global array.

When the user first connects to the site PHP generates a session identifier - SID. Which is used to maintain another global array $_SESSION which is unique to the user. You can create and use elements within the array and have a reasonable expectation that they will still be accessible when the user visits your site again.

So for example:

$_SESSION["Mydata"]= 1234;

creates a new array entry called MyData and stores the value 1234 in it.

To retrieve the data you simply access the elment even if this is at a later date when the user revisits your site. 

print $_SESSION["Mydata"];

More PHP

This short introduction has hardly started to explore the range of facilities provided by PHP. It’s a powerful and modern language which provides server side scripting for most web servers. It is a fully object-oriented language, has full file and database facilities. There is a lot more to learn and appreciate but at the end of this introduction you should have an idea of how PHP does its main tasks - generate HTML, handle forms and track state.    

PHP In Easy Steps, 4th Ed ((Book Review)

<ASIN:1840789239>

<ASIN:0596006306>

<ASIN:0596101015>