Whenever, you login to a site , some of the important informations related to you are stored in SESSION variables so that these datas can be accessed throughout the site. Storing these variables in SESSION is necessary because expecting the same data from the user again and again will irritate him a lot. So, here is how we can transfer data in a secured way from a page to another.


// To set a sesson variable
$_SESSION['userName'] = "Dolly";

// Often it is advisable to check if the specified SESSION variable is already set. It returns a warning in that case

   unset($_SESSION['userName']); // Unsets if any such value exists
   $_SESSION['userName'] = "Dolly";
  $_SESSION['userName'] = "Dolly";
Usually SESSION variables are set once the user logs in successfully and destroyed after logout. This can be done through a session destroy function.

You must have seen a "Remember Me" check available at most of the login . Once you click remember me, you don't need to login again on that site till you are using the same browser. Its because then your details like Username and password are saved in your browser as cookie variables. Dont worry passwords are saved in encoded form like in md5 which cannot be decoded back. So, lets see how to get used to it

To set a cookie variable in the browser, you need to use setcookie function. setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including html and head tags as well as any whitespace. Once the cookies have been set, they can be accessed on the next page load with the $_COOKIE or $HTTP_COOKIE_VARS arrays.

All the arguments except the name argument are optional.We will be explaining the various arguments to the function one by one.

name :- It stores the name of the cookie, through which it will be accessed in the future.

value :- It stores the value of the cookie

expire :- It decides the expiration time of the cookie. It is Unix Timestamp, so it is set using time() + (time in second). If no values are passed, then it expires as soon as the session expires(browser is closed)

path :- The path decides the part of the domain in which these cookie values can be accessed. a '/' value makes it accessible through entire domain. Setting a value like '/dir1/' makes it accessible in dir1. Passing no value sets it to be accessible only in calling directory.

domain :- The domain that the cookie is available to.

secure :- Indicates that the cookie should only be transmitted over a secure HTTPS connection from the client. When set to TRUE, the cookie will only be set if a secure connection exists.

httponly :- When TRUE the cookie will be made accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript. It has been suggested that this setting can effectively help to reduce identity theft through XSS attacks

$value = 'something from somewhere';

setcookie("TestCookie", $value);
setcookie("TestCookie", $value, time()+3600);  /* expire in 1 hour */
setcookie("TestCookie", $value, time()+3600, "/~rasmus/", "", 1); 

These all syntax sets the cookie as explained above and can be used further on any page using Globar arrays COOKIE as shown :-

if (isset($_COOKIE['userName'])){
     echo "Hello".$_COOKIE['userName'];
	else {
	echo "Hello guest ";

Thats all for now in PHP section. We will be uploading several other working examples very soon.

Member Login

Member Login

Not a Member? Sign Up!

Login to comment

Be the first to comment on this topic


<<< Wanna review