PHP Session Control Cookie Detailed

1. What is a cookie:

Sometimes the plural forms of Cookies are used to refer to the data (usually encrypted) stored on the user's local terminal by certain websites in order to identify the user and track the session. The most typical application of cookies is to determine whether a registered user has logged on to the site, and users may be prompted whether to retain user information for the next time they enter the site in order to simplify the login process, which is the function of cookies. Another important application is the "shopping cart" process. Users may select different items on different pages of the same site for a period of time, which will be written to cookies to extract information at the end of the payment.

Advantages:

Good compatibility

Disadvantages:

1. Increased network traffic;

2. It has limited data capacity, can only store 4KB of data, the browser is different; The client can disable or empty cookies, thereby affecting the function of the program.

3. is not safe. Using cookies When multiple people share a single computer can reveal user privacy and pose security concerns.

2.cookie Working principle:

A cookie is a piece of text that a Web server holds on a user's hard disk, which stores some "key-value" pairs. Each Web site can store cookies on the user's machine and can retrieve the cookie data as needed. Typically, a Web site has a cookie file. Each time a user accesses site A, it looks for the cookie file for site A, and, if present, reads the user name and password "key-value" pairs of data. If the user name and password "key-value" pair data is found, it is sent to site a along with the access request. When site a receives an access request and receives the user name and password "key-value" pair data, the user name and password data is used to log in so that the user does not need to enter a user name and password. If the user name and password "key-value" pair data is not received, the user has not logged in successfully before, and site a returns the login page to the user. In addition, each cookie has an expiration date and the cookie is no longer available after the expiry date. A common cookie operation is to set the cookie data and read the cookie data and delete the specified cookie data.

Grammar:

BOOL Setcookie (String $name [, String $value = "" [, int $expire = 0 [, String $path = "" [, String $domain = "" "[, BOOL $secure = False [, bool $httponly = false]]] []])

Setcookie () defines a Cookie that is sent to the client along with the remaining HTTP headers. Like other HTTP headers, a cookie must be sent before the script produces any output (due to protocol limitations). Call this function before generating any output, including

Name:cookie name.

The Value:cookie value. This value is stored on the user's computer and does not store sensitive information. For example, name is ' CookieName ' and can get its value by $_cookie[' CookieName '.

The expiration time of the Expire:cookie. This is a UNIX timestamp, which is the number of seconds since the Unix era (00:00:00 GMT, January 1, 1970). That is, you can basically use the result of the time () function plus the number of seconds you want to expire. Or you can use Mktime (). Time () +60*60*24*30 is the setting Cookie expires after 30 days. If set to 0, or ignore parameters, the Cookie expires at the end of the session (that is, when the browser is turned off).

Path:cookie a valid server path. When set to '/', the Cookie is valid for the entire domain. If set to '/foo/', the Cookie is only valid for/foo/directory and its subdirectories in domain (such as/foo/bar/). The default value is the current directory when the Cookie is set.

Valid domain name/subdomain of Domain:cookie. Setting a subdomain (such as ' www.example.com ') will make the Cookie valid for that subdomain and its three-level domain name (for example, w2.www.example.com). To make a Cookie valid for the entire domain name (including all of its subdomains), just set it up as a domain name (in this case, ' example.com ').

Secure: Sets whether this Cookie is passed to the client only through a secure HTTPS connection. When set to TRUE, cookies are set only when a secure connection is present. If this requirement is handled on the server side, the programmer needs to send such cookies only on a secure connection (by $_server["HTTPS").

HttpOnly: Set to True,cookie can only be accessed via the HTTP protocol. This means that cookies are not accessible through scripting languages like JavaScript. FALSE, there is no limit.

return value

If the output has been generated before the function is called, Setcookie () will call the failure and return FALSE. Returns TRUE if Setcookie () runs successfully. Of course, it does not mean that the user has accepted the Cookie.

Set up and read cookies

<?php    $value = "my cookie value";//Send a simple cookie    setcookie ("TestCookie", $value, Time () +60);  Set cookie?><! DOCTYPE html>
Delete Cookies

To delete a Cookie, you should set the expiration time to the past to trigger the browser's removal mechanism.

<?php//setting expires at one hours before Setcookie ("TestCookie", "" ", Time ()-3600), Setcookie (" TestCookie "," ", Time ()-3600,"/~rasmus/" , "example.com", 1);
?>

Used to record the number of times the current user visited a Web site:

<?php   if (isset ($_cookie["num"))        $num =$_cookie["num"];    else       $num =0;                        First Set cookie       $num = $num +1;                    Setcookie ("num", $num, Time () +60*60)//Send a cookie num record access times? ><! DOCTYPE html>
User authentication is authentication cookie:

<?php//Authentication Cookie header ("Content-type:text/html;charset=utf-8");    error_reporting (0);        Take the username and password entered $uid =$_post[' username '];    $upwd =$_post[' pwd '];        Verify the username and password if ($uid = = "Admin" && $upwd = = "Pass") {echo ("You have logged in successfully, welcome");           if ($_post[' Checkboxcookie ']== "on") {Setcookie ("username", $uid, Time () +60*60*24);       Setcookie ("pwd", $upwd, Time () +60*60*24); }} else echo ("Login failed, return login again");? ><?php error_reporting (0);? ><! DOCTYPE html>