Chapter 13. Cookies, Sessions, and Authentication
As your web projects grow larger and more complicated, you will find an increasing need to keep track of your users. Even if you arenât offering logins and passwords, you will still often need to store details about a userâs current session and possibly also recognize them when they return to your site.
Several technologies support this kind of interaction, ranging from simple browser cookies to session handling and HTTP authentication. Between them, they offer the opportunity for you to configure your site to your usersâ preferences and ensure a smooth and enjoyable transition through it.
Using Cookies in PHP
A cookie is an item of data that a web server saves to your computerâs hard disk via a web browser. It can contain almost any alphanumeric information (as long as itâs under 4 KB) and can be retrieved from your computer and returned to the server. Common uses include session tracking, maintaining data across multiple visits, holding shopping cart contents, storing login details, and more.
Because of their privacy implications, cookies can be read only from the issuing domain. In other words, if a cookie is issued by, for example, oreilly.com, it can be retrieved only by a web server using that domain. This prevents other websites from gaining access to details for which they are not authorized.
Because of the way the internet works, multiple elements on a web page can be embedded from multiple domains, each of ...
Get Learning PHP, MySQL & JavaScript, 6th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
