When you have more than one page in your PHP-based website and want to keep track of or personalize user activities, or when your application grows to more than just an information board, then it is time to maintain state in the site. The main purpose of maintaining state in PHP applications is to keep track of users and their activities. It can also be used to limit a user’s ability to access certain components of a website.
Without maintaining state, an e-commerce site would not be able to support shopping on the Internet, because the shopping cart needs to “remember” the products you selected to buy and it needs to maintain state for that.
So, why can’t you maintain state with HTTP? The main reason is because HTTP is a stateless protocol, meaning that it has no built-in way of maintaining state between transactions. For example, when a user requests one page followed by another, HTTP does not provide a way for us to tell which user made the second request.
In this article we will look at what maintaining state in PHP applications entails. Specifically, PHP offers two methods for tracking data. The first is cookies and the second is called sessions. We will be looking at these methods in detail.
Using Cookies in PHP to Maintain State
What are “cookies”? Cookies provide a way for a server to store information about a user on the user’s machine. The purpose for this is mainly for the server to remember who you are every time you visit a particular site. Think of it as a name tag or identifier that the server assigns to you.
On a more technical level, cookies are basically text files stored by websites on a computer that accesses websites. Each cookie can contain around 4,000 characters, and up to 20 cookies can be stored for each website. The client can store a maximum of 300 cookies. As you might expect, the text in cookies are stored in plain text, so if you are going to store sensitive data, you will have to encrypt it to be more secure.
To create a cookie in PHP, the
setcookie()
function must be used at the top of your PHP script. No white spaces or any kind of text should precede the calling of the function. In the example below, we use a form to collect the name and age of a user and then store that information in a cookie:
<?php
if(isset($_POST['submit'])){
$err = "";
echo "dghsdgh";
//check if the form values are not empty
if(empty($_POST['txtname'])){
$err = "Please enter a name.";
}
if(empty($_POST['txtage'])){
$err .= "Please enter a age.";
}
if(strlen($err) < 1 ){
setcookie('User', $_POST['txtname']);
setcookie('Age',$_POST['txtage']);
echo "Cookies set";
}else{
echo "The following errors occurred: ".$err;
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Handling Cookies in PHP</title>
<style type="text/css">
<!--
.style1 {font-size: 14px}
-->
</style>
</head>
<body>
<form id="form1" name="form1" method="post" action="setcookie.php">
<table width="100%" border="1">
<tr>
<td colspan="2"><h1>Set Cookie Form </h1></td>
</tr>
<tr>
<td width="19%">Name</td>
<td width="81%"><label>
<input name="txtname" type="text" id="txtname" />
</label></td>
</tr>
<tr>
<td>Age</td>
<td><label>
<input name="txtage" type="text" id="txtage" />
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input name="submit" type="submit" id="submit" value="submit" />
</label></td>
</tr>
</table>
</form>
</body>
</html>
To view the cookie data, we can simply open up the cookie file on the system using any text editor or we simply write a routine similar to how you would retrieve a form value. For example, if you’ve set a cookie value like this:
setcookie('Username','MyName')
Then you would retrieve it like this:
If(isset($_COOKIE['Username'])){
echo $_COOKIE('Username');
}