PHP

$_GET / $_POST / $_SESSION

• PHP uses predefined variables to provide access to important information about the server and requests from a browser.

• PHP provides a large number of predefined variables to any script which it runs. PHP provides an additional set of predefined arrays containing variables from the web server the environment, and user input.

• We can access predefined variables in any scope - any if block, any for block. It means every where in PHP block.

• There are many predefined variables provided by PHP but this week you will learn just $_GET, $_POST, $_SESSION because there are common things you need to know.

HANDLING USERINPUT WITH $_GET / $_POST

Before knowing $_GET and $_POSTYou have to know ‘HTTP data sending method’ first.• HTTP is how webpage runs. it is agreement between web server and web

browser. That is how server and browser communicate to each other.• HTTP sending method is about how much secure browser send data to server.

(data which comes from user input).- GET method is less secure but easier.

With this method we can send data by submitting form or put it directly in address bar but web user can see datas in address bar. ( http://webserver/calculate.php?a=10&b=5 )

- POST method is better secure but more difficult.With this method we can send data by only submitting form and web user cannot see datas in address bar. ( http://webserver/calculate.php )

THE WAY OF $_GET

• We have 2 ways to send data from one php page to another one php page (or itself).– First is using form submission.• Important to set method=“get”

– Second is specifying data as key-value pair directly after URL.

• When datas are sent to destination page you will see the URL in address bar

• In destination page you can use $_GET[‘key or name of data’]; in PHP block to access datas sent from source page.

THE WAY OF $_POST

• We have 1 way to send data from one php page to another one php page (or itself).– It is using form submission.• Important to set method=“post”

• When datas are sent to destination page you will see the URL in address bar

• In destination page you can use $_POST[‘key or name of data’]; in PHP block to access datas sent from source page.

STORING USER’S STATE OR TEMPORARY INFO WITH

$_SESSION

Before knowing $_SESSION• Session provides a way to identify a user across more than one

page request or visit to a Web site and to store information about that user.

• Session is like transaction, at 7-11 cashier you buy 3 things - Lays, Coke, Mama. Cashier staff calculates the price one by one by scanning your things’ barcode. She does three times then press ‘Enter’ to finish to process. The whole process just now is 1 transaction.

• The same way when you go to facebook.com website. You may first go to your profile first then you go to your friends’ profile, leave some comments. You found your friend of friend looks nice, you go to his/ her profile and try to see information, photos, marriage status. You may go 5-6 pages already but that is 1 session.

• Session may start when you first come to web site at any page or logged in success.

• After session started, web server can store your state (your information, your input, your IP address, Item you want to buy etc).

• Web server can destroy your session- by program (such as when you click logout) or- by timing which is when you are inactive (sleep in front your

• computer or you did not go any page within the same web site) within defined interval (such as 30 minutes). We call this ‘Session timeout’.

Starting a session.

• Before you can begin storing user information in your PHP session, you must first start the session. When you start a session, it must be at the very beginning of your code, before any HTML or text is sent.

• Below is a simple script that you should place at the beginning of your PHP code to start up a PHP session.

<?phpsession_start(); // start up your PHP session!

?><html>...</html>

Storing / Getting data.

• When you want to store user data in a session use the $_SESSION associative array. This is where you both store and retrieve session data.

<?phpsession_start(); // start up your PHP session!

?><html>

<body><?php

$_SESSION[‘views’])=1; // store session dataprint “view is =“.$_SESSION[‘views’]; // retrieve data

?></body>

</html>

Check if particular session data exists.• isset() function comes in handy. isset is a function

that takes any variable you want to use and checks to see if it has been set. That is, it has already been assigned a value.

• With our previous example, we can create a very simple pageview counter by using isset to check if the pageview variable has already been created. If it has we can increment our counter. If it doesn't exist we can create a pageview counter and set it to one. Here is the code to get this job done:

<?phpsession_start(); // start up your PHP session!

?><html>

<body><?php

if(isset($_SESSION[‘views’])) $_SESSION[‘views’])= $_SESSION[‘views’]+1;

else $_SESSION[‘views’])=1;

print “view is =“.$_SESSION[‘views’]; ?>

</body></html>

Destroying session

• You may remove some datas in someone’s session such as session data named ‘cart’ when shopping cart is checked out.

<?phpsession_start(); // start up your PHP session!

?><html>

<body><?php

// Remove only session data name ‘cart’ if(isset($_SESSION[‘cart’])) unset($_SESSION[‘cart’]) ; ?>

</body></html>

• You can also destroy someone’s whole session when he clicked log out button.

<?phpsession_start(); // start up your PHP session!

?><html>…</html><?php

session_destroy(); // destroy your PHP session!?>

Setting up session timeout interval.

• If you want your session of visitor to be destroy if your visitor are inactive (did not open any page for a while) for an interval you desire, you can easily set it as below:

• Note that number is second. So 1800 is 30 minutes.

<?phpini_set(‘session.gc_maxlifetime’,’1800’);session_start(); // start up your PHP session!

?><html>…</html>