// will be substituted into the file contents, taking the place
// of the corresponding variable
Expanding the Template Class
Of course, this template class is rather limited, although it does the trick nicely for
projects that need to be created in a hurry. The nice thing about using an
object-oriented implementation strategy is that you can easily add functionality without
worrying about potentially “breaking” existing code. For example, suppose you
wanted to create a method that retrieved values from a database for later
template substitution. Although slightly more complicated than the file_parser()
method, which just substitutes globally-accessible variable values, an SQL-based
file parser can be written with just a few lines and encapsulated in its own
method. In fact, I create one of these parsers in the address book project at the
conclusion of this chapter.
Several modifications could be made to this template class, the first likely being the consolidation of register_file() and register_variables(). This would automatically add the variables in each registered file. Of course, you will also want to insert error-checking functionality to ensure that invalid file and variable names are not registered.
You are also likely to begin thinking about how this system could be enhanced. Consider the following enhancement questions. How would you create a method that worked with entire arrays? Included Files? I think that you’ll find it easier than it first seems. As a reference, check out the implementation I created for an SQL-parser in the address book project at the end of this chapter. You can easily transform this general methodology into whatever implementation you desire.
This basic templating strategy has been implemented in several languages and is certainly not a new concept. Therefore, you can find a wealth of information on the Web pertaining to template implementations. Two particularly interesting resources are this set of related articles, written with JavaScript in mind:
• http://developer.netscape.com/viewsource/long_ssjs/long_ssjs.html
• http://developer.netscape.com/viewsource/schroder_template/schroder_template.html
The following article touches upon templates as they apply to Java Server Pages:
• http://www-4.ibm.com/software/webservers/appserv/doc/guide/asgdwp.html
There are also quite a few PHP implementations that follow this templating strategy. Several of the more interesting ones include:
• PHPLib Base Library (http://phplib.netuse.de)
• Richard Heyes’s Template Class (http://www.heyes-computing.net)
• Fast Template (http://www.thewebmasters.net/php/)
The PHP resource site PHPBuilder (http://www.phpbuilder.com) also contains a few interesting tutorials regarding template manipulation. Also check out PHP Classes Repository (http://phpclasses.UpperDesign.com). Several similar templating implementations are there.
Drawbacks to This Templating System
While this form of templating fulfills its purpose of completely separating the
code from the design, it is not without its disadvantages. I’ll highlight these
disadvantages here.
Resulting Unfounded Belief in “Silver Bullet” Solution
While templates can aid in clearly defining the boundaries of a project in terms of
coding and design, they are not a substitute for communication. In fact, they
won’t even operate correctly without concise communication between both
parties about exactly what information will be templated in the application. As is the
case with any successful software project, a thorough survey of the application
specifications should always be drawn up before even one line of PHP is coded.
This will greatly reduce the possibility for later miscommunication, resulting in
unexpected template parsing results.
Performance Degradation
The dependence on file parsing and manipulation will cause the templating
system to suffer a loss in performance in terms of speed. Exactly what the degree of
this loss is depends on a number of factors, including page size, SQL query size (if
any), and machine hardware. In many cases, this loss will be negligible; however,
there may be instances where it will be noticeable if it becomes necessary to
simultaneously manipulate several template files in high-traffic situations.
Designer Is Still PHP-Impaired
One of the main reasons for creating this system at all lies in the fact that it could
be problematic if the designer comes into contact with the code when editing the
look and feel of the page. In an ideal environment, the designer would also be a
programmer or at least know general programming concepts, such as a variable,
loop, and conditional. A designer who is not privy to this information stands to
gain nothing from using templates except education in a relatively useless syntax
(the syntax used to delimit variable keywords). Therefore, regardless of what your
final verdict is on using this form of page templating, I strongly recommend
taking time to begin educating the designer on the finer points of the PHP language
(or better, buy the designer a copy of this book!). This results in a win-win
situation for both parties, as the designer will learn an extra skill, and in doing so,
become an even more valuable member of the team. The programmer wins, as
this person will be an extra brain to pick for new programming ideas, perhaps
even a particularly valuable one, since chances are that the designer will look at
things from a different perspective than the typical programmer would.
Project: Create an Address Book
Although templating systems are well suited for a variety of Web applications, they are particularly useful in datacentric applications in which formatting is important. One such application is an address book. Think about what a conventional (paper-based) address book looks like: each page looks exactly the same, save for perhaps a letter denoting which set of last names the particular page is reserved for. The same kind of idea could apply to a Web-based address book. In fact, formatting is even more important in this case, since it might be necessary to export the data to another application in a particularly rigorous format. This kind of application works great with the templating system, since the designer is left to create a single page format that will be used for all 26 letters of the alphabet.
To begin, you must decide what kind of data you want to store in the address book and how this data is to be stored. Of course, the most plausible choice for a storage media would be a database, since this also facilitates useful features such as searching and ordering data. I’ll use a MySQL database to store the address information. The table looks like this:
mysql>CREATE table addressbook (
last_name char(35) NOT NULL,
first_name char(20) NOT NULL,
tel char(20) NOT NULL,
email char(55) NOT NULL
);
Of course, you can add street address, city, and state columns. I’ll use this abbreviated table for sake of illustration.
Next, I’ll play the role of designer and create the templates. For this project, two templates are required. The first template, shown in Listing 12-8, could be considered the “parent” template.
Listing 12-8: Parent address book template, entitled “book.html”
<table cellpadding=2 cellspacing=2 width=600>
<h1>Address Book: {letter}</h1>
<tr><td>
<a href="index.php?letter=a">A</a> | <a href="index.php?letter=b">B</a> |
<a href="index.php?letter=c">C</a> | <a href="index.php?letter=d">D</a> |
<a href="index.php?letter=e">E</a> | <a href="index.php?letter=f">F</a> |
<a href="index.php?letter=g">G</a> | <a href="index.php?letter=h">H</a> |
<a href="index.php?letter=i">I</a> | <a href="index.php?letter=j">J</a> |
<a href="index.php?letter=k">K</a> | <a href="index.php?letter=l">L</a> |
<a href="index.php?letter=m">M</a> | <a href="index.php?letter=n">N</a> |
<a href="index.php?letter=o">O</a> | <a href="index.php?letter=p">P</a> |
<a href="index.php?letter=q">Q</a> | <a href="index.php?letter=r">R</a> |
<a href="index.php?letter=s">S</a> | <a href="index.php?letter=t">T</a> |
<a href="index.php?letter=u">U</a> | <a href="index.php?letter=v">V</a> |
<a href="index.php?letter=w">W</a> | <a href="index.php?letter=x">X</a> |
<a href="index.php?letter=y">Y</a> | <a href="index.php?letter=z">Z</a>
As you can see, the bulk of this file is given to the links displaying each letter
of the alphabet. Clicking a particular letter, the user will be presented with all
persons stored in the address book having a last name beginning with that letter.
There are also three delimited variable names: page_title, letter, and rows.addresses. The purpose of the first two variables should be obvious: the title
of the page and the letter of the address book currently used to retrieve address
information, respectively. The third variable refers to the child template and is
used to specify which table configuration file should be inserted into the parent. I
say “table configuration file” because, in a complex page, you might be
simultaneously using several templates, each employing HTML tables for formatting data.
Therefore, “rows” specifies that a table template will be inserted, and “addresses”
tells us that it is the table used to format addresses.
The second template, shown in Listing 12-9, is the “child” template, because
it will be embedded in the parent. Why this is necessary will soon become clear.
Listing 12-9: Child address book template, entitled “rows.addresses”
There are four delimited variable names in Listing 12-9: last_name, first_name, telephone, and email. The meanings of each should be obvious. It is important to notice that this file only contains table row (<tr>…</tr>) and table cell (<td>…</td>) tags. This is because this file will be repeatedly inserted into the template, one time for each address retrieved from the database. Since the rows.addresses variable name is enclosed in table tags in Listing 12-8, the HTML formatting will parse correctly. To illustrate how this works, take a look at Figure 12-1, which is essentially a screenshot of the completed address book in action. Then examine Listing 12-10, which contains the source code for that screen shot. You’ll see that the rows.addresses file is used repeatedly in the source code.
Figure 12-1 Screenshot of the address book in action
Listing 12-10: Source code for Figure 12-1
href="index.php?letter=l">L</a> | <a href="index.php?letter=m">M</a> | <a
href="index.php?letter=n">N</a> | <a href="index.php?letter=o">O</a> | <a
href="index.php?letter=p">P</a> | <a href="index.php?letter=q">Q</a> | <a
href="index.php?letter=r">R</a> | <a href="index.php?letter=s">S</a> | <a
href="index.php?letter=t">T</a> | <a href="index.php?letter=u">U</a> | <a
href="index.php?letter=v">V</a> | <a href="index.php?letter=w">W</a> | <a
href="index.php?letter=x">X</a> | <a href="index.php?letter=y">Y</a> | <a
As you can see, there are apparently two persons having a last name that
begins with F stored in the address book, Bobby Fries and Pierre Frenchy.
Therefore, two table rows have been inserted in the table.
The design process for the address book project is complete. Now, I’ll don the hat of a coder. You’ll be surprised to know that there are no changes to the
template.class file in Listing 12-7, save for one new method, address_sql(). This
method is displayed in Listing 12-11.
Listing 12-11: SQL parsing method, address_sql()
class template {
    VAR $files = array();
    VAR $variables = array();
    VAR $sql = array();
    VAR $opening_escape = '{';
    VAR $closing_escape = '}';
    VAR $host = "localhost";
    VAR $user = "root";
    VAR $pswd = "";
    VAR $db = "book";
    VAR $address_table = "addressbook";
    function address_sql($file_id, $variable_name, $letter) {
        // $letter comes from the URL and is placed into the query below,
        // so accept nothing but a single letter
        if (! preg_match('/^[A-Za-z]\z/', $letter)) $letter = "a";
        // Connect to MySQL server and select database
        mysql_connect($this->host, $this->user, $this->pswd)
            or die("Couldn't connect to MySQL server!");
        mysql_select_db($this->db) or die("Couldn't select MySQL database!");
        // Query database
        $query = "SELECT last_name, first_name, tel, email
                  FROM $this->address_table WHERE last_name LIKE '$letter%'";
        $result = mysql_query($query);
        // Open "rows.addresses" file and read contents into variable.
        $fh = fopen($variable_name, "r");
        $file_contents = fread($fh, filesize($variable_name));
        // Perform replacements of delimited variable names with table data
        while ($row = mysql_fetch_array($result)) :
} // end template.class
The comments in Listing 12-11 should suffice for understanding the mechanics of what is taking place. However, there are still a few important points
to make. First, notice that the rows.addresses file is opened only once. An
alternative way to code this method would be to repeatedly open and close the
rows.addresses file, replacing information each time and appending it to the
$complete_table variable. However, this would be highly inefficient coding
practice. Therefore, take some time to review how the loop is used to continuously
append new table information to the $complete_table variable.
A second point to make about Listing 12-11 is that five new class attributes are used: $host, $user, $pswd, $db, and $address_table. Each of these pertains to information that the MySQL server requires, and the meaning of each should be obvious. If it isn’t obvious, take a moment to read through Chapter 11, “Databases.”
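Listing 12-11 builds its query by placing $letter, which arrives through the index.php?letter= links, directly inside the LIKE clause. The following is an added example, not code from the book: it runs the same query with the letter bound as a parameter and HTML-encodes every database value before substituting it into the row template. It assumes PHP 7.4 or later with PDO and an in-memory SQLite database; the function names, the row markup, the telephone numbers and the e-mail addresses are constructed for illustration.

```php
<?php
// Added example, not from the book. Function names, row markup and sample
// rows are constructed; the table layout and placeholders follow the page.

function sample_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE addressbook (
        last_name  char(35) NOT NULL,
        first_name char(20) NOT NULL,
        tel        char(20) NOT NULL,
        email      char(55) NOT NULL)');
    $insert = $pdo->prepare('INSERT INTO addressbook VALUES (?, ?, ?, ?)');
    $rows = [
        ['Adams',   'Ann',    '555-0100', 'ann@example.com'],
        ['Fries',   'Bobby',  '555-0101', 'bobby@example.com'],
        ['Frenchy', 'Pierre', '555-0102', 'pierre@example.com'],
        ['F<i>ake', 'Sam',    '555-0103', 'sam@example.com'], // markup stored as data
    ];
    foreach ($rows as $row) {
        $insert->execute($row);
    }
    return $pdo;
}

// Build the table rows for one letter. $row_template is the child template
// text with {last_name}, {first_name}, {telephone} and {email} placeholders.
function address_rows(PDO $pdo, string $row_template, string $letter): string {
    // 1. Allow-list the input: exactly one ASCII letter, otherwise fall back
    //    to 'a', the default letter the page's index.php uses.
    if (!preg_match('/^[A-Za-z]\z/', $letter)) {
        $letter = 'a';
    }

    // 2. Bind the value; the SQL text itself never contains user input.
    $stmt = $pdo->prepare(
        'SELECT last_name, first_name, tel, email
           FROM addressbook
          WHERE last_name LIKE :prefix
          ORDER BY last_name, first_name'
    );
    $stmt->execute([':prefix' => $letter . '%']);

    $complete_table = '';
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        // 3. Encode each database value for the HTML context it lands in.
        $safe = array_map(
            fn($value) => htmlspecialchars($value, ENT_QUOTES, 'UTF-8'),
            $row
        );
        // strtr() with an array does not rescan substituted text, so a stored
        // value that happens to contain "{email}" is not expanded again.
        $complete_table .= strtr($row_template, [
            '{last_name}'  => $safe['last_name'],
            '{first_name}' => $safe['first_name'],
            '{telephone}'  => $safe['tel'],
            '{email}'      => $safe['email'],
        ]);
    }
    return $complete_table;
}

$row_template = "<tr><td>{last_name}, {first_name}</td>"
              . "<td>{telephone}</td><td>{email}</td></tr>\n";
$pdo = sample_db();

echo "letter=f\n", address_rows($pdo, $row_template, 'f');
// A value that is not a single letter (here it carries a quote character)
// is replaced by the default letter before the query runs.
echo "letter=f'\n", address_rows($pdo, $row_template, "f'");
```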
All that’s left to do now is code the file that triggers the template parsing. This file is shown in Listing 12-12. By clicking one of the letter links
(index.php?letter=someletter) in book.html (Listing 12-8), this file will be called,
in turn regenerating the book.html file with appropriate information.
Listing 12-12: Template parser index.php
<?
include("template.class");
$page_title = "Address Book";
// The default page will retrieve persons having last name beginning with 'a'
What’s Next?
This chapter introduced a particularly useful concept of both PHP and Web programming in general: advanced template usage. It began with a synopsis of the two templating systems covered thus far, simple variable substitution via PHP embedding, and the use of INCLUDE files to separate page components. I then introduced the third and most advanced template strategy, which completely separates the code from the design of the page. The remainder of the chapter was
spent examining a class built to implement this type of template, concluding with
a practical implementation of the template system, using a Web-based address
book as an example. This example also built on the simple template class,
implementing an SQL parser.
In particular, the following topics were discussed in this chapter:
• Why templates?
• Simple template #1: embedding PHP in HTML
• Simple template #2: using INCLUDE files to separate components
• Advanced templating through the complete division of design and code
• The template class
• File registration
• Variable registration
• File parsing
• File printing
• Disadvantages to using templates
• Address book project that expands on the default class, implementing an SQL parser
Next chapter, I continue the discussion of dynamic Web application development, introducing how cookies and session tracking can add a new degree of user
interactivity to your Web site!
CHAPTER 13
Cookies and Session Tracking
The ability to track users and customize user information based on personal
preferences has become both one of the hottest and most debated features to be
offered on the Web. While the advantages of being able to offer users services
based on exactly what they desire are obvious, many questions have been raised
regarding privacy in terms of the ramifications of being able to “follow” a user as
that user navigates from page to page, and even from site to site.
Barring privacy concerns, the process of tracking user information through cookies or other technologies can be immensely beneficial to both the user and
the site offering these services. It is to the user’s benefit that these services provide
the opportunity to customize content, weeding out any information that may be
uninteresting or useless. This capability is also highly beneficial to the site
administrators, as tracking user preferences and habits opens up a whole new realm of
possibilities for user interaction, including targeted marketing and a vastly
superior analysis of the popularity of their onsite content. On the
commerce-dominated Web, these capabilities are by now practically the de facto standard.
This idea of tracking a user while navigating through your site can be defined
as session tracking. Given the vast amount of knowledge that could be gained
from introducing session tracking into your site architecture, it could be said that
the advantages of session tracking and providing customized content far
outweigh the disadvantages. With that said, this could hardly be considered a
complete PHP textbook without devoting a chapter to PHP’s session-tracking
capabilities. In this chapter, I introduce several concepts closely intertwined with session
tracking, namely, session cookies and their uses, unique session identification
numbers, before concluding the chapter with a synopsis of PHP’s predefined
session-tracking configuration and predefined functions.
What Is a Cookie?
A cookie is nothing more than a small parcel of information that is sent by a Web
server and stored on a client browser. This can be advantageous to the developer
because useful data regarding the user session can be stored and then later
retrieved, resulting in the creation of a state of persistence between the client and
server. Cookies are commonly used by many Internet sites as a means to enhance both user experience and site efficiency, providing a way to track user navigation, actions, and preferences. The ability to store this information is a key feature for sites offering such services as online shopping, site personalization, and targeted advertising.
Due to the usercentric purpose of cookie usage, the key piece of information stored is likely to be a unique user identification number (UIN). This ID is subsequently stored in a database and is used as the key for retrieving any information stored in the database that is mapped to this UIN. Of course, it is not mandatory that the cookie is used to store a UIN; you could store anything you like in the cookie, provided that its total size does not surpass four kilobytes (4096 bytes).
Cookie Components
Interestingly, other pieces of information are also stored in the cookie, enabling the developer to tailor its usage in terms of domain, time frame, path, and security. Here are descriptions of the various cookie components:
• name—The cookie name is a mandatory parameter because the name is
the parameter from which the cookie is referenced. The cookie name can
be essentially thought of in terms of a variable name.
• value—A cookie value is simply a piece of data mapped to the cookie name.
This could be a user identification number, background color, date, anything.
• expiration date—This date defines the lifetime of the cookie. Once this
timestamp equals the current date and time, the cookie will expire and be rendered unusable. According to cookie specifications, inclusion of the expiration date is optional. However, PHP’s cookie-setting functionality requires that this expiration date is set. According to the cookie specifications, if an expiration date is not included, the cookie will expire at the end
of the user session (that is, when the user exits the site).
• domain—This is the domain that both created and can read the cookie.
If a domain has multiple servers and would like all servers to be able to access the same cookie, then the domain could be set in the form of phprecipes.com. In this case all potential third-level domains falling under the PHPrecipes site, such as wap.phprecipes.com or news.phprecipes.com, would have access to the cookie. For security reasons, a cookie cannot be set for any domain other than the one mapped to the server attempting to
set the cookie. This parameter is optional. If it is not included, it will default
to the domain name from which the cookie is emanating.
• path—The path setting specifies the URL path from which the cookie is
valid. Any attempt to retrieve a cookie from outside of this path will fail.
Setting path is optional. If it is not set, then the path will be set to the path
of the document from which the cookie is created.
• security—This determines whether or not the cookie can be retrieved in a
nonsecure setting. Because the cookie will be primarily used in a nonsecure setting, this optional parameter will default to FALSE.
Although all cookies must abide by the same set of syntax rules when they are set, the cookie storage format is browser dependent. For example, Netscape
Communicator stores a cookie in a format similar to the following:
.phprecipes.com FALSE / FALSE 971728956 bgcolor blue
In Internet Explorer, the same cookie would be stored as:
newline character found at the end of each line, causing them to appear as
squares in the cookie document.
NOTE Internet Explorer stores its cookie information in a folder aptly titled “Cookies,” while Netscape Communicator stores it in a single file entitled “cookies.” Just perform a search on your drive to find these files.
If you took a moment to read the introduction to cookies, you are already familiar with the parameters in the setcookie() syntax. If you’ve skipped ahead and are not familiar with the mechanics of persistent cookies, I suggest that you return to the beginning of this section and read through the introduction, as all of the setcookie() parameters are introduced there.
Before proceeding, I ask that you read the following sentence not once, not
twice, but three times. A cookie must be set before any other page-relevant
information is sent to the browser. Write this 500 times on a blackboard, get a tattoo stating this rule, teach your parrot to say it: I don’t care, just get it straight. In other words, you cannot just set a cookie where you wish in a Web page. It must be sent
before any browser-relevant information is sent; otherwise it will not work.
Another important restriction to keep in mind is that you cannot set a cookie and then expect to use that cookie in the same page. Either the user must refresh the page (don’t count on it), or you will have to wait until the next page request before that cookie variable can be used.
This example illustrates how setcookie() is used to set a cookie containing a user identification number:
• This cookie is only accessible via the phprecipes.com domain.
• This cookie is accessible via a nonsecured protocol
The next example, shown in Listing 13-1, illustrates how a cookie can be used
to store page-formatting preferences, in this case the background color. Notice
how the cookie will only be set if the form action has been executed.
Listing 13-1: Storing a user’s favorite background color
<form action="<? print $PHP_SELF; ?>" method="post">
What's your favorite background color?
page will be set to the value specified by the variable $bgcolor. Otherwise, an HTML form will appear, prompting the user to specify a favorite background color. Once the color is specified, subsequent reloading of the page or traversal to any page using the cookie value $bgcolor will be recognized.
Interestingly, you can also use array notation to specify cookie names. You could specify cookie names as uid[1], uid[2], uid[3], and so on, and then later access these values just as you would a normal array. Check out Listing 13-2 for an example of how this works.
Listing 13-2: Assigning cookie names according to array index value
<?
setcookie("phprecipes[uid]", "4139b31b7bab052", time()+3600);
setcookie("phprecipes[color]", "black", time()+3600);
setcookie("phprecipes[preference]", "english", time()+3600);
if (isset ($phprecipes)) {
    while (list ($name, $value) = each ($phprecipes)) {
        echo "$name = $value<br>\n";
    }
}
?>
Executing this script results in the following output, in addition to three cookies being set on the user’s computer:
uid = 4139b31b7bab052
color = black
preference = english
NOTE Although the use of array-based cookies may seem like a great idea for storing all kinds of information, keep in mind that certain browsers (such as Netscape Communicator) limit the number of cookies to 20 per domain.
Perhaps the most common use of cookies is for storage of a user identification number that will be later used for retrieving user-specific information. This process is illustrated in the next listing, where a UIN is stored in a MySQL database. The stored information is subsequently retrieved and used to set various pieces of information regarding the formatting of the page.
To set the stage for the next listing, assume that a table entitled user_info resides on a database named user. The user_info table contains three pieces of information: a user ID, first name, and email address. This table was created using
the following syntax:
mysql>create table user_info (
com-name, and email address) has already been inserted into the database. To
eliminate the need for the user to later log in, the user ID (set to 15 in Listing 13-3 for
the sake of illustration) is stored on the user’s computer by way of a cookie.
Listing 13-3: Retrieving user information from a database
<?
if (! isset($userid)) :
$id = "15";
setcookie ("userid", $id, time()+3600);
print "A cookie containing your userID has been set on your machine. Please refresh the page to retrieve your user information";
else:
@mysql_connect("localhost", "web", "4tf9zzzf")
or die("Could not connect to MySQL server!");
@mysql_select_db("user") or die("Could not select user database!");
print "Hi ".$row["fname"].",<br>";
print "Your email address is ".$row["email"];
mysql_close();
endif;
?>
Listing 13-3 highlights just how useful cookies can be for identifying users.
The above scenario could be applied to any number of situations, ranging from
eliminating the need to log in to effectively tracking user preferences.
The listing in the next section, “Unique Identification Numbers,” illustrates the complete process of user registration and subsequent storage of the unique user ID.
Unique Identification Numbers
By now you are probably curious just how easy it is to create a unique UIN. Put your college calculus books away; there is no need for funky 17th-century algorithms. PHP provides an easy way to create a unique UIN through its predefined function uniqid().
The function uniqid() generates a 13-character unique identification number based on the current time. Its syntax is:
int uniqid (string prefix [, boolean lcg])
The input parameter prefix can be used to begin the UIN with a particular string value. Since prefix is a required parameter, you must designate at least an empty value. If set to TRUE, the optional input parameter lcg will cause uniqid() to produce a 23-character UIN. To quickly create a unique ID, just call uniqid() using an empty value as the sole input parameter:
$uniq_id = uniqid("");
// Some 13 character value such as '39b3209ce8ef2' will be generated.
Another way to create a unique ID is to prepend the derived value with a string, specified in the input parameter prefix, as shown here:
$uniq_id = uniqid("php");
// Some 16 character value such as 'php39b3209ce8ef2' will be generated.
Given the fact that uniqid() creates its UIN based on the current time of the system, there is a remote possibility that it could be guessed. Therefore, you may want to ensure that its value is truly random by first randomly choosing a prefix using another of PHP’s predefined functions, rand(). The following example demonstrates this usage:
srand ((double) microtime() * 1000000);
$uniq_id = uniqid(rand());
The function srand() acts to initiate the random number generator. If you want to ensure that rand() consistently produces a random number, you must
execute srand() first. Placing rand() as an input parameter to uniqid() will result
in rand() first being executed, returning a prefix value to uniqid(), which will
then execute, producing a UIN that would be rather difficult to guess.
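The text notes that uniqid() derives its value from the system clock; the seed passed to srand() above is taken from microtime() as well, so the rand() prefix comes from the same clock. The following is an added example, not code from the book: it decodes a 13-character uniqid() value back into the time it encodes, and shows an identifier drawn from the operating system's random source for use wherever the ID must not be guessable. It assumes PHP 7.0 or later; the function names are hypothetical.

```php
<?php
// Added example, not from the book. Function names are hypothetical.

// A 13-character uniqid() value is the clock written in hexadecimal:
// 8 digits of seconds since the Unix epoch, then 5 digits of microseconds.
function uniqid_to_time(string $id): array {
    if (!preg_match('/^[0-9a-f]{13}\z/', $id)) {
        throw new InvalidArgumentException('expected 13 hexadecimal characters');
    }
    return [
        'seconds'      => (int) hexdec(substr($id, 0, 8)),
        'microseconds' => (int) hexdec(substr($id, 8, 5)),
    ];
}

// True when a freshly generated uniqid() decodes to the current time,
// which is what makes the value a timestamp rather than a secret.
function uniqid_tracks_clock(): bool {
    $decoded = uniqid_to_time(uniqid(''));
    return abs($decoded['seconds'] - time()) <= 1;
}

// Identifier with no clock or counter content: 128 bits from the operating
// system's cryptographically secure generator, written as 32 hex characters.
function new_user_token(): string {
    return bin2hex(random_bytes(16));
}

// The sample value printed in the text above.
$sample = '39b3209ce8ef2';
$when   = uniqid_to_time($sample);
echo "sample uniqid   : $sample\n";
echo 'encoded time    : ', gmdate('Y-m-d H:i:s', $when['seconds']),
     ' UTC + ', $when['microseconds'], " microseconds\n";

echo 'fresh uniqid is the current time: ',
     uniqid_tracks_clock() ? 'yes' : 'no', "\n";

// Two tokens issued back to back share no structure.
echo 'token 1         : ', new_user_token(), "\n";
echo 'token 2         : ', new_user_token(), "\n";
```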
Armed with the knowledge of how to create unique user IDs, you can now create a practical user registration scheme. On first request of the script in Listing
13-4, the user is greeted with a short form requesting a name and email address.
This information will be then inserted along with a generated unique ID into the
table user_info, first described along with Listing 13-3. A cookie containing this
unique ID is then stored on the user’s computer. Any subsequent visit to the page
will prompt the script to query the database based on the unique user ID stored
in the cookie, displaying the user information to the screen.
Listing 13-4: A complete user registration process
<?
// build form
$form = "
<form action=\"Listing13-4.php\" method=\"post\">
<input type=\"hidden\" name=\"seenform\" value=\"y\">
Your first name?:<br>
<input type=\"text\" name=\"fname\" size=\"20\" maxlength=\"20\" value=\"\"><br>
Your email?:<br>
<input type=\"text\" name=\"email\" size=\"20\" maxlength=\"35\" value=\"\"><br>
<input type=\"submit\" value=\"Register!\">
</form>
";
// If the form has not been displayed and the user does not have a cookie.
if ((! isset ($seenform)) && (! isset ($userid))) :
print $form;
// If the form has been displayed but the user information
// has not yet been processed
elseif (isset ($seenform) && (! isset ($userid))) :
srand ((double) microtime() * 1000000);
$uniq_id = uniqid(rand());
// connect to the MySQL server and select the users database
@mysql_pconnect("localhost", "web", "4tf9zzzf")
or die("Could not connect to MySQL server!");
@mysql_select_db("user") or die("Could not select user database!");
// declare and execute query
$query = "INSERT INTO user_info VALUES('$uniq_id', '$fname', '$email')";
$result = mysql_query($query) or die("Could not insert user information!");
// set cookie "userid" to expire in one month.
setcookie ("userid", $uniq_id, time()+2592000);
print "Congratulations $fname! You are now registered! Your user information will be displayed on each subsequent visit to this page.";
// else if the cookie exists, use the userID to extract
// information from the users database
elseif (isset($userid)) :
// connect to the MySQL server and select the users database
@mysql_pconnect("localhost", "web", "4tf9zzzf")
or die("Could not connect to MySQL server!");
@mysql_select_db("user") or die("Could not select user database!");
// declare and execute query
$query = "SELECT * FROM user_info WHERE user_id = '$userid'";
$result = mysql_query($query) or die("Could not extract user information!");
$row = mysql_fetch_array($result);
print "Hi ".$row["fname"].",<br>";
print "Your email address is ".$row["email"];
endif;
?>
The judicious use of several if conditionals makes it possible to use one script
to take care of each step of the registration and subsequent user recognition process. There are three scenarios involved in this script:
• The user has not seen the form and does not have a valid cookie. This is the step where the user is presented with the form.
• The user has filled in the form and does not yet have a valid cookie. This is the step where the user information is entered into the database, and the cookie is set, due to expire in one month.
• The user returns to the script. If the cookie is still valid (has not expired), the cookie is read in and the relevant information is extracted from the database.
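In Listings 13-3 and 13-4 the value of the userid cookie is the only thing that identifies a returning user, and the form fields and the cookie value are placed directly into the SQL text. The following is an added example, not code from the book: the same three steps with a random cookie value, only its hash stored in the database, bound query parameters, and the cookie restricted with the secure, httponly and samesite attributes. It assumes PHP 7.3 or later with PDO and an in-memory SQLite database; the function names and the token_hash column are hypothetical, and the column sizes follow the form's maxlength values.

```php
<?php
// Added example, not from the book. Function names and the token_hash
// column are hypothetical; the sample user is constructed.

function open_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // The database keeps a SHA-256 hash of the cookie value, so a copy of
    // the table does not reveal any value a browser could present.
    $pdo->exec('CREATE TABLE user_info (
        token_hash char(64) PRIMARY KEY,
        fname      char(20) NOT NULL,
        email      char(35) NOT NULL)');
    return $pdo;
}

// Step 2 of the page's flow: store the user, return the value for the cookie.
function register_user(PDO $pdo, string $fname, string $email): string {
    if ($fname === '' || strlen($fname) > 20) {
        throw new InvalidArgumentException('first name must be 1 to 20 bytes');
    }
    if (strlen($email) > 35 || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('email address is not valid');
    }
    $token = bin2hex(random_bytes(32));           // 64 hex characters
    $stmt  = $pdo->prepare(
        'INSERT INTO user_info (token_hash, fname, email) VALUES (?, ?, ?)');
    $stmt->execute([hash('sha256', $token), $fname, $email]);
    return $token;
}

// Attributes for setcookie(). 2592000 seconds is the one-month lifetime
// used in Listing 13-4.
function cookie_options(int $lifetime = 2592000): array {
    return [
        'expires'  => time() + $lifetime,
        'path'     => '/',
        'secure'   => true,    // the "security" component: sent over HTTPS only
        'httponly' => true,    // not readable by scripts running in the page
        'samesite' => 'Lax',   // not attached to cross-site subrequests
    ];
}

// Step 3: resolve a cookie value to a user, or null when nothing matches.
function lookup_user(PDO $pdo, string $cookie_value): ?array {
    if (!preg_match('/^[0-9a-f]{64}\z/', $cookie_value)) {
        return null;                              // wrong shape, skip the query
    }
    $stmt = $pdo->prepare(
        'SELECT fname, email FROM user_info WHERE token_hash = ?');
    $stmt->execute([hash('sha256', $cookie_value)]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo   = open_db();
$token = register_user($pdo, 'Pierre', 'pierre@example.com');

// Under a Web server the cookie is sent before any page output.
if (PHP_SAPI !== 'cli' && !headers_sent()) {
    setcookie('userid', $token, cookie_options());
}

$user = lookup_user($pdo, $token);
echo 'Hi ', htmlspecialchars($user['fname'], ENT_QUOTES, 'UTF-8'), "\n";

// A hand-edited value, such as the 15 used in Listing 13-3, fails the
// format check and is never looked up.
var_dump(lookup_user($pdo, '15'));
```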
The general process shown in Listing 13-4 could of course be applied to any
database. This illustrates, on a very basic level, how many of the larger sites are able to
apply user-specified preferences to their site, resulting in a “tailor-made” look for
For more information regarding cookies and their usage, take a moment to read
through a few of the resources that I’ve gleaned from the Web:
user-spe-cookies can not be solely relied on since users can set their browsers to refuse to
accept cookies. Thankfully, PHP offers an alternative methodology for storing
persistent information; this method is called session tracking and is the subject of
the next section.
Session Handling
A session is best defined as the period of time beginning when a user enters your
site and ending when the user exits. Throughout this session, you may wish to
assign various variables that will accompany the user while navigating around
your site, without having to manually code a bunch of hidden forms or appended
URL variables. This otherwise tedious process becomes fairly easy with session
handling.
Consider the following scenario. Using session handling, a user entering your site would be assigned a unique session id (SID). This SID is then sent to the user’s
browser in a cookie entitled PHPSESSID. If cookie support is disabled or not
supported, this SID can be automatically appended to all local URLs throughout the
user session. At the same time, a file with the same name as the SID is stored on