Chapter 11: Cookies, Sessions, and Access Control
In the last chapter, I showed you how users can register accounts on the website. Now it’s time to make those accounts functional, so that users can log in to the website. The process is familiar to web users: they enter a username and password, and get access to content that’s unique to their account.
Although a familiar process from the perspective of someone using the website, for a developer, building a website that allows logging in can seem daunting at first.
By its nature, HTTP is stateless. You connect to a website, the server gives you a file. As you’ve already seen, you can send data from the browser to the server using
GET variables and HTML forms. However, the information is provided ...