Developing State-enabled Applications With PHP

When a user is browsing through a website and is surfing from one web page to another, sometimes website needs to remember actions (e.g. choices) performed by user. For example, in a website that sells DVDs, user typically browses through a list of DVDs and selects individual DVDs for check out at end of shopping session. The website needs to remember which DVDs user has selected because selected items needs to be presented again to user when user checks out. In other words, website needs to remember State - i.e. selected items - of user's browsing activities.

However, HTTP is a Stateless protocol and is ill-equipped to handle States. A standard HTML website basically provides information to user and a series of links that simply directs user to other related web pages. This Stateless nature of HTTP allows website to be replicated across many servers for load balancing purposes. A major drawback is that while browsing from one page to another, website does not remember State of browsing session. This make interactivity almost impossible.

In order to increase interactivity, developer can use session handling features of PHP to augment features of HTTP in order to remember State of browsing session. The are basically 2 ways PHP does this: 1. Using cookies 2. Using Sessions

The next installment discusses how to manage sessions using cookies...

Installment 2

Cookies

Cookies are used to store State-information in browser. Browsers are allowed to keep up to 20 cookies for each domain and values stored in cookie cannot exceed 4 KB. If more than 20 cookies are created by website, only latest 20 are stored. Cookies are only suitable in instances that do not require complex session communications and are not favoured by some developers because of privacy issues. Furthermore, some users disable support for cookies at their browsers.

The following is a typical server-browser sequence of events that occur when a cookie is used: 1. The server knows that it needs to remember State of browsing session 2. The server creates a cookie and uses Set-Cookie header field in HTTP response to pass cookie to browser 3. The browser reads cookie field in HTTP response and stores cookie 4. This cookie information is passed along future browser-server communications and can be used in PHP scripts as a variable

PHP provides a function called setcookie() to allow easy creation of cookies. The syntax for setcookie is: int setcookie(string name, [string val], [int expiration_date], [string path], string domain, [int secure])

The parameters are: 1. name - this is a mandatory parameter and is used subsequently to identify cookie 2. value - value of cookie - e.g. if cookie is used to store name of user, value parameter will store actual name - e.g. John 3. expiration_date - lifetime of cookie. After this date, cookie expires and is unusable 4. path - path refers to URL from which cookie is valid and allowed 5. domain - domain created cookie and is allowed to read contents of cookie 6. secure - specifies if cookie can be sent only through a secure connection - e.g. SSL enable sessions

The following is an example that displays to user how many times a specific web page has been displayed to user. Copy code below (both php and html) into a file with .php extension and test it out.

[?php //check if $count variable has been associated with count cookie if (!isset($count)) { $count = 0; } else { $count++; } setcookie("count", $count, time()+600, "/", "", 0); ?]

[html] [head] [title]Session Handling Using Cookies[/title] [/head] [body] This page has been displayed: [?=$count ?] times. [/body] [/html]

Flat files are only feasible in very low to low volume websites as flat files have 3 inherent weaknesses: 1.The inability to index data. This makes it necessary to potentially read ALL data sequentially. This is a major problem if there are a lot of records in flat file because time required to read flat file is proportionate to number of records in flat file. 2.The inability to efficiently control access by users to data 3.The inefficient storage of data. In most cases, data would not be encrypted or compressed as this would exacerbate problem no. 1 above

The alternative which is, in my opinion, only feasible method, is to store data in a database. One of most prevalent databases in use is MySQL. Data that is stored in a database can easily be indexed, managed and stored efficiently. Besides that, most databases also provide a suite of accompanying utilities that allow database administrator to maintain database – for example, backup and restore, etc.

Websites scripted using PHP are very well suited for MySQL database as PHP has a custom and integrated MySQL module that communicates very efficiently with MySQL. PHP can also communicate with MySQL through standard ODBC as MySQL is ODBC-compliant, However, this will not be as efficient as using custom MySQL module for PHP.

The rest of this article is a tutorial on how to use PHP to: 1.Connect to a MySQL database 2.Execute standard SQL statements against MySQL database

Starting a Session with MySQL

Before PHP script can communicate with database to query, insert or update database, PHP script will first need to connect to MySQL server and specify which database in MySQL server to operate on.

The mysql_connect() and mysql_select_db() functions are provided for this purpose. In order to connect to MySQL server, server name/address; a username; and a valid password is required. Once a connection is successful, database needs to be specified.