IT Community - Software Programming, Web Development and Technical Support

Cookies

This is a discussion on Cookies within the PHP Programming forums, part of the Web Development category; Using Cookies:Before the advent of sessions, there were cookies. Cookies are files that get written to a temporary file ...


Go Back   IT Community - Software Programming, Web Development and Technical Support > Web Development > PHP Programming

Reload this Page Cookies

Register FAQ Members List Calendar Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 10-30-2007, 01:16 PM
ragavraj ragavraj is offline
D-Web Programmer
  
Join Date: Feb 2007
Posts: 92
ragavraj is on a distinguished road
Default Cookies
Using Cookies:
Before the advent of sessions, there were cookies. Cookies are files that get written to a temporary file on a user’s computer by a web application. Cookies store information that can be read by the online application, thus authenticating a user as unique. By allowing a web application
to identify whether a user is unique, the application can then perform login scripts and other
functionality.
The problem with cookies is that because they are stored on a user’s computer, they have
developed a bad rap as being highly insecure. And because of possible insecurities with cookies,
users have begun to turn them off in their browser security settings; in fact, users often do
not accept cookies.
Cookies themselves are not bad or insecure if used correctly by a developer. However,
since users have the ability to turn them off (and since the actual cookie must be stored on
the user’s computer), most good developers have migrated their code to sessions.
Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 10-30-2007, 01:18 PM
ragavraj ragavraj is offline
D-Web Programmer
  
Join Date: Feb 2007
Posts: 92
ragavraj is on a distinguished road
Default Re: Cookies
Setting Cookies:
To be able to use cookies and store values in them, you must first set a cookie on a user’s
computer. You can use plenty of parameters to take full advantage of a cookie, including the
expiration time, path of use, name, value, and so on. By using the different parameters, you
can customize the way the cookie works for you. The way to set a cookie is by using the function
setcookie(), which has the following prototype:
bool setcookie ( string name [, string value [, int expire[, string path [, string domain [, bool secure]]]]])
Code:

PHP Code:
<?php
//sample12_1.php
//Let's say that the correct login is based on these global user and pass values.
//In the real world, this would be taken from the database most likely.
$GLOBALS['username'] = "test";
$GLOBALS['password'] = "test";
//Here is an example to set a cookie based on a correct login.
function validatelogin ($username$password){
//Check for a valid match.
if (strcmp ($username$GLOBALS['username']) == 0&#10149;
&& strcmp ($password$GLOBALS['password']) == 0){
//If you have a valid match, then you set the cookies.
//This will set two cookies, one named cookie_user set to $cookieuser,
//and another set to cookie_pass, which contains the value of $password.
//When storing passwords, it is a good idea to use something like md5() to
//encrypt the stored cookie.
setcookie ("cookie_user"$usernametime()+60*60*24*30);
setcookie ("cookie_pass"md5 ($password), time()+60*60*24*30);
return true;
} else {
454 12-&#9632; SETTING COOKIES
return false;
}
}
//You call the validatelogin() script.
if (validatelogin ("test","test")){
echo "Successfully logged in.";
} else {
echo "Sorry, invalid login.";
}
?>
Last edited by ragavraj : 10-30-2007 at 01:20 PM.
Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 10-30-2007, 01:23 PM
ragavraj ragavraj is offline
D-Web Programmer
  
Join Date: Feb 2007
Posts: 92
ragavraj is on a distinguished road
Default Re: Cookies
Reading Cookies:
Naturally, there would be little use for cookies if you could not read from them, hence allowing
you to use them in your applications. Cookies can indeed be read—and quite easily. By using
the $_COOKIE superglobal, you can have full access to your cookie for reading and writing to it
from your script. The following script allows you to determine if you are properly logged in
using a function that returns a true value upon proper validation of login.
PHP Code:
<?php
//sample12_2.php
//Let's say the correct login is based on these global user and pass values.
//In the real world, this would be taken from the database most likely.
$GLOBALS['username'] = "test";
$GLOBALS['password'] = "test";
//Let's assume you already have a valid set of cookies in place.
setcookie ("cookie_user""test"time()+60*60*24*30);
setcookie ("cookie_pass"md5 ("test"), time()+60*60*24*30);
//Here is an example to set a cookie based on a correct login.
function validatelogin (){
//Check for a valid match.
if (strcmp ($_COOKIE['cookie_user'], $GLOBALS['username']) == 0&#10149;
&& strcmp ($_COOKIE['cookie_pass'], md5 ($GLOBALS['password'])) == 0){
return true;
} else {
return false;
}
}
//You call the validatelogin() script.
if (validatelogin ()){
echo "Successfully logged in.";
} else {
echo "Sorry, invalid login.";
}
?>
Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 10-30-2007, 01:25 PM
ragavraj ragavraj is offline
D-Web Programmer
  
Join Date: Feb 2007
Posts: 92
ragavraj is on a distinguished road
Default Re: Cookies
Deleting Cookies:
Removing cookies is also a simple task. You should note that cookies will disappear by themselves
if you have set them up to do so. Cookies that have not been assigned a time to die will
simply be removed when the browser window closes. Sometimes, however, a user will want to
be able to clear the cookies on a site. Such functionality typically goes by the name of “logout”
and is a staple of a well-programmed user interface. The following code allows a user to log out.
CODE
PHP Code:
<?php
//sample12_3.php
//Let's assume you already have a valid set of cookies in place.
setcookie ("cookie_user""test"time()+60*60*24*30);
setcookie ("cookie_pass"md5 ("test"), time()+60*60*24*30);
//Here is a function that will kill the cookies and hence "log out."
function logout (){
//To remove a cookie, you simply set the value of the cookie to blank.
setcookie ("cookie_user"""time()+60*60*24*30);
setcookie ("cookie_pass"""time()+60*60*24*30);
}
//You call the logout script.
logout();
//You can no longer access the cookies.
echo $_COOKIE['cookie_user'] . "<br />";
echo "You have successfully logged out.";
?>
Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 11-01-2007, 12:48 PM
ragavraj ragavraj is offline
D-Web Programmer
  
Join Date: Feb 2007
Posts: 92
ragavraj is on a distinguished road
Default Re: Cookies
Getting Rid of "Magic Quotes" in Cookies
Magic quoteswhich were covered and hated in the previous chapter, as wellalso apply to cookies because they are data coming from the client. So if magic_quotes is on, single and double quotes are escaped with backslash characters. To get rid of those, this code is used. A similar code was also used in the previous chapter to remove these escape characters from form data (GET and POST data).

If magic_quotes is set, stripslashes() is applied recursively to all data in $_COOKIE.


for example
PHP Code:
<?php
  function stripCookieSlashes($arr) {
    if (!is_array($arr)) {
      return stripslashes($arr);
    } else {
      return array_map('stripCookieSlashes'$arr);
    }
  }

  if (get_magic_quotes_gpc()) {
    $_COOKIE  stripCookieSlashes($_COOKIE);
  }
?>
Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cookies nhoj Java Server Pages (JSP) 4 09-29-2008 12:32 AM
ASP.NET Cookies Overview KiruthikaSambandam ASP and ASP.NET Programming 8 05-30-2008 02:10 AM
Cookies before start using in php vigneshgets PHP Programming 1 01-18-2008 04:18 AM
Creating Cookies pranky HTML, CSS and Javascript Coding Techniques 2 11-21-2007 05:02 AM
Cookies vs. Sessions vijayanand PHP Programming 3 08-13-2007 08:36 AM


All times are GMT -7. The time now is 07:12 PM.

Contact Us - IT Community - Archive - Top

Copyright ©2004 - 2007, DiscussWeb. All Rights Reserved.

SEO by vBSEO 3.0.0