Fundamentals of Web Development

Third Edition by Randy Connolly and Ricardo Hoar

Chapter 15

Managing State

Copyright © 2021, 2018, 2015 Pearson Education, Inc. All Rights Reserved
In this chapter you will learn . . .
• Why state is a problem in web application development

• What cookies are and how to use them

• What session state is and what are its typical uses and limitations

• What server cache is and why it is important in real-world websites

The Problem of State in Web Applications

How can one request share information with another request?

The question is: how did the server "know" when the user was and was not logged in?

The Problem of State in Web Applications (ii)

Unlike a desktop application, a web application consists of a series of
disconnected HTTP requests to a web server where each request for a
server page is essentially a request to run a separate program.

Passing Information in HTTP
In HTTP, we can pass information using:

• URL

• HTTP header

• Cookies

Passing Information via the URL
Recall a web page can pass query string information from the browser to
the server using one of the two methods:

• a query string within the URL (GET)

• a query string within the HTTP header (POST).

Passing Information via HTTP Header
You can see that the form data sent using the POST method is sent as a
query string after the HTTP header.

Think of this data being passed via the HTTP header.

Another way that a browser can send data to the server is via JSON data.

Cookies
Cookies are a client-side approach for persisting state information.

They are name=value pairs that are saved within one or more text files that
are managed by the browser.

While cookies can be used for any state-related purpose, they are principally
used as a way of maintaining continuity over time in a web application. One
typical use of cookies in a website is to “remember” the visitor so that the
server can customize the site for the user.

Cookies are also frequently used to keep track of whether a user has logged
into a site.

How Do Cookies Work?

Using Cookies in PHP
Cookies in PHP are created using the setcookie() function and are
retrieved using the $_COOKIE superglobal associative array.

It is important to note that cookies must be written before any other
page output.

    $expiryTime = time()+60*60*24;
    // create a persistent cookie
    $name = "username";
    $value = "Ricardo";
    setcookie($name, $value, $expiryTime);

LISTING 15.2 Writing a cookie

    // cookie values arrive from the client; escape them (for example with
    // htmlspecialchars()) before echoing them into a real page
    if ( !isset($_COOKIE['username']) ) {
        echo "this cookie doesn't exist";
    }
    else {
        echo "The username retrieved from the cookie is:" . $_COOKIE['username'];
    }
    // loop through all cookies in request
    foreach ($_COOKIE as $name => $value) {
        echo "Cookie: $name = $value";
    }

LISTING 15.3 Reading a cookie

Persistent Cookie Best Practices
Due to the limitations of cookies, your site’s correct operation should not be
dependent upon them.

Almost all login systems are dependent upon IDs sent in session cookies.

Cookies containing sensitive information should have a short lifetime.

A login cookie might contain the username but not the password. Instead, the
login cookie would contain a random token used by the site’s back-end
database. Every time the user logs in, a new token would be generated and
stored in the database and cookie.
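
The random-token login cookie described above, as an added example that is not from the book. The `$tokenStore` array is a constructed stand-in for the back-end database, and the function names, the `login_token` cookie name and the one-hour lifetime are assumptions.

```php
<?php
// Added example. $tokenStore is a constructed stand-in for the back-end
// database; the function and cookie names are hypothetical.
$tokenStore = [];

function issueLoginToken(array &$store, string $username, int $lifetime): string {
    $token = bin2hex(random_bytes(32));      // unguessable 256-bit value
    // Keep only a hash server-side so a leaked table yields no usable cookies.
    $store[hash('sha256', $token)] = [
        'username' => $username,
        'expires'  => time() + $lifetime,
    ];
    return $token;
}

function lookupLoginToken(array &$store, string $token): ?string {
    $key = hash('sha256', $token);
    if (!isset($store[$key])) {
        return null;                         // unknown or already revoked
    }
    if ($store[$key]['expires'] < time()) {
        unset($store[$key]);                 // expired: evict and reject
        return null;
    }
    return $store[$key]['username'];
}

function sendLoginCookie(string $token, int $lifetime): bool {
    // The options-array form of setcookie() needs PHP 7.3 or later.
    return setcookie('login_token', $token, [
        'expires'  => time() + $lifetime,    // short lifetime
        'path'     => '/',
        'secure'   => true,                  // sent over HTTPS only
        'httponly' => true,                  // hidden from page JavaScript
        'samesite' => 'Lax',
    ]);
}

// Login succeeded: a new token each time, cookie written before any output.
$lifetime = 3600;
$token = issueLoginToken($tokenStore, 'Ricardo', $lifetime);
sendLoginCookie($token, $lifetime);

// Later request: the cookie carries the token, never the password.
$presented = $_COOKIE['login_token'] ?? $token;  // fallback so the demo runs from the CLI
$user = lookupLoginToken($tokenStore, $presented);
echo $user === null ? "not logged in\n" : "logged in as " . htmlspecialchars($user) . "\n";
```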

Session State
Session state is a server-based state mechanism that lets web
applications store and retrieve objects of any type for each unique
user session.

The session state is dependent upon some type of session store,
that is, some type of storage area for session information.

How Does Session State Work?
Since HTTP is stateless, some type of user/session identification system is
needed.

Sessions in PHP are identified with a unique session ID.

This session ID is transmitted back and forth between the user and the
server via a session cookie.

Session Storage and Configuration
In the example shown in Figure 15.8, each user’s session information is kept
in serialized files.

The decision to save sessions to files rather than in memory addresses the
issue of memory usage that can occur on shared hosts as well as persistence
between restarts.

One downside to storing the sessions in files is a degradation in performance
compared to memory storage.

Session State in PHP
Sessions in PHP can be accessed via the $_SESSION variable, but unlike
the other superglobals, you have to take additional steps first.

You must call the session_start() function at the beginning of the script.

If the session object does not yet exist one might generate an error,
redirect to another page, or create the required object.

    <?php
    include_once("ShoppingCart.class.php");
    session_start();
    // check for existence of session object before accessing
    if ( !isset($_SESSION["Cart"]) ) {
        $_SESSION["Cart"] = new ShoppingCart();
    }
    $cart = $_SESSION["Cart"];
    ?>

LISTING 15.8 Checking session existence
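
Because the session ID travels in a cookie, the settings on that cookie and the point at which the ID is replaced matter as much as the `$_SESSION` contents. The following is an added example, not from the book; the `user` and `last_seen` keys, the helper names and the 15-minute idle limit are assumptions.

```php
<?php
// Added example; key names, helper names and IDLE_LIMIT are assumptions.
const IDLE_LIMIT = 900;                      // seconds of inactivity allowed

ini_set('session.use_strict_mode', '1');     // refuse IDs the server did not issue
session_set_cookie_params([                  // array form needs PHP 7.3 or later
    'lifetime' => 0,                         // session cookie: gone when the browser closes
    'path'     => '/',
    'secure'   => true,                      // sent over HTTPS only
    'httponly' => true,                      // hidden from page JavaScript
    'samesite' => 'Lax',
]);
session_start();                             // must run before any page output

function logIn(string $username): void {
    // Issue a fresh ID at login so an ID known before login is useless after it.
    session_regenerate_id(true);
    $_SESSION['user'] = $username;
    $_SESSION['last_seen'] = time();
}

function currentUser(): ?string {
    if (!isset($_SESSION['user'], $_SESSION['last_seen'])) {
        return null;                         // nobody logged in on this session
    }
    if (time() - $_SESSION['last_seen'] > IDLE_LIMIT) {
        $_SESSION = [];                      // idle too long: drop server-side state
        session_destroy();
        return null;
    }
    $_SESSION['last_seen'] = time();
    return $_SESSION['user'];
}

logIn('Ricardo');
echo "current user: " . htmlspecialchars(currentUser() ?? 'none') . "\n";
```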

Caching
As you learned back in Chapter 2, your browser uses caching to speed up the
user experience. In Chapter 10, you learned about the Web Storage API,
which provides a JavaScript-accessible cache managed by the browser.

Caching is just as important on the server-side.

Every time a PHP page is requested, it must be fetched, parsed, and
executed by the PHP engine. Dynamic generation of that page may become
unsustainable under high traffic load.

One way to address this problem is to cache the generated markup in server
memory so that subsequent requests can be served from memory rather than
from the execution of the page.
Page Output Caching
Page output caching saves the
rendered output of a page (or
part of a page) and reuses the
output instead of reprocessing
the page when a user requests
the page again.
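
A small sketch of page output caching, as an added example that is not from the book. It assumes a temporary file in place of server memory, and `cachedPage()`, `renderCatalog()` and the `user` session key are hypothetical names. Output that differs per user is rendered fresh and never stored under the shared key, so one visitor's page cannot be served to another.

```php
<?php
// Added example. cachedPage() and the cache-file naming are hypothetical.
function cachedPage(string $key, int $ttl, callable $render): string {
    $file = sys_get_temp_dir() . '/pagecache_' . hash('sha256', $key) . '.html';
    if (is_file($file) && time() - filemtime($file) < $ttl) {
        return file_get_contents($file);     // cache hit: the page is not executed
    }
    ob_start();                              // capture what the page echoes
    $render();
    $html = ob_get_clean();
    file_put_contents($file, $html, LOCK_EX);
    return $html;
}

function renderCatalog(): void {
    // Stands in for an expensive page that is identical for every visitor.
    echo "<ul><li>Item A</li><li>Item B</li></ul><!-- built " . date('H:i:s') . " -->\n";
}

session_start();
if (isset($_SESSION['user'])) {
    // Personalized request: render directly, bypassing the shared cache.
    renderCatalog();
} else {
    // Anonymous request: reuse the rendered output for up to 60 seconds.
    echo cachedPage('catalog', 60, 'renderCatalog');
}
```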

Use case for caching

Application Data Caching
One of the biggest drawbacks of page output caching is that performance
gains will only be had if the entire cached page is the same for numerous
requests.

Application data caching allows the developer to programmatically cache
commonly used collections of data.

Then other pages that also need that same data can use the cached version
rather than retrieve it from its original location.

Redis as Caching Service
Redis is a popular in-memory key/value NoSQL database that is
frequently used for distributed caching.

Redis is an in-memory
database. This means its
speed of search and
retrieval is very fast.

Key Terms
• application data caching
• cache
• cookies
• data eviction algorithms
• deserialization
• HttpOnly
• page output caching
• persistent cookies
• serialization
• session cookie
• session state
• session store
• URL rewriting
• write-back cache
• write-through cache

Copyright

This work is protected by United States copyright laws and is
provided solely for the use of instructors in teaching their
courses and assessing student learning. Dissemination or sale of
any part of this work (including on the World Wide Web) will
destroy the integrity of the work and is not permitted. The work
and materials from it should never be made available to students
except by instructors using the accompanying text in their
classes. All recipients of this work are expected to abide by these
restrictions and to honor the intended pedagogical purposes and
the needs of other instructors who rely on these materials.
