Cours php tutoriel 4
PHP - Sessions
An alternative way to make data accessible across the various pages of an entire website is to use a PHP Session.
A session creates a file in a temporary directory on the server where registered session variables and their values are stored. This data will be available to all pages on the site during that visit.
The location of the temporary file is determined by a setting in the php.ini file called session.save_path. Before using any session variable make sure you have setup this path.
When a session is started following things happen −
- PHP first creates a unique identifier for that particular session which is a random string of 32 hexadecimal numbers such as 3c7foj34c3jj973hjkop2fc937e3443.
- A cookie called PHPSESSID is automatically sent to the user's computer to store unique session identification string.
- A file is automatically created on the server in the designated temporary directory and bears the name of the unique identifier prefixed by sess_ ie sess_3c7foj34c3jj973hjkop2fc937e3443.
When a PHP script wants to retrieve the value from a session variable, PHP automatically gets the unique session identifier string from the PHPSESSID cookie and then looks in its temporary directory for the file bearing that name and a validation can be done by comparing both values.
A session ends when the user loses the browser or after leaving the site, the server will terminate the session after a predetermined period of time, commonly 30 minutes duration.
Starting a PHP Session
A PHP session is easily started by making a call to the session_start()function.This function first checks if a session is already started and if none is started then it starts one. It is recommended to put the call to session_start() at the beginning of the page.
Session variables are stored in associative array called $_SESSION[]. These variables can be accessed during lifetime of a session.
The following example starts a session then register a variable called counterthat is incremented each time the page is visited during the session.
Make use of isset() function to check if session variable is already set or not.
Put this code in a test.php file and load this file many times to see the result −
<?php session_start(); if( isset( $_SESSION['counter'] ) ) { $_SESSION['counter'] += 1; }else { $_SESSION['counter'] = 1; } $msg = "You have visited this page ". $_SESSION['counter']; $msg .= "in this session."; ?> <html> <head> <title>Setting up a PHP session</title> </head> <body> <?php echo ( $msg ); ?> </body> </html>
It will produce the following result −
You have visited this page 1in this session.
Destroying a PHP Session
A PHP session can be destroyed by session_destroy() function. This function does not need any argument and a single call can destroy all the session variables. If you want to destroy a single session variable then you can use unset() function to unset a session variable.
Here is the example to unset a single variable −
<?php unset($_SESSION['counter']); ?>
Here is the call which will destroy all the session variables −
<?php session_destroy(); ?>
Turning on Auto Session
You don't need to call start_session() function to start a session when a user visits your site if you can set session.auto_start variable to 1 in php.ini file.
Sessions without cookies
There may be a case when a user does not allow to store cookies on their machine. So there is another method to send session ID to the browser.
Alternatively, you can use the constant SID which is defined if the session started. If the client did not send an appropriate session cookie, it has the form session_name=session_id. Otherwise, it expands to an empty string. Thus, you can embed it unconditionally into URLs.
The following example demonstrates how to register a variable, and how to link correctly to another page using SID.
<?php session_start(); if (isset($_SESSION['counter'])) { $_SESSION['counter'] = 1; }else { $_SESSION['counter']++; } $msg = "You have visited this page ". $_SESSION['counter']; $msg .= "in this session."; echo ( $msg ); ?> <p> To continue click following link <br /> <a href = "nextpage.php?<?php echo htmlspecialchars(SID); ?>"> </p>
It will produce the following result −
You have visited this page 1in this session. To continue click following link
The htmlspecialchars() may be used when printing the SID in order to prevent XSS related attacks.
PHP - Sending Emails using PHP
PHP must be configured correctly in the php.ini file with the details of how your system sends email. Open php.ini file available in /etc/ directory and find the section headed [mail function].
Windows users should ensure that two directives are supplied. The first is called SMTP that defines your email server address. The second is called sendmail_from which defines your own email address.
The configuration for Windows should look something like this −
[mail function] ; For Win32 only. SMTP = smtp.secureserver.net ; For win32 only sendmail_from = webmaster@tutorialspoint.com
Linux users simply need to let PHP know the location of their sendmailapplication. The path and any desired switches should be specified to the sendmail_path directive.
The configuration for Linux should look something like this −
[mail function] ; For Win32 only. SMTP = ; For win32 only sendmail_from = ; For Unix only sendmail_path = /usr/sbin/sendmail -t -i
Now you are ready to go −
Sending plain text email
PHP makes use of mail() function to send an email. This function requires three mandatory arguments that specify the recipient's email address, the subject of the the message and the actual message additionally there are other two optional parameters.
mail( to, subject, message, headers, parameters );
Here is the description for each parameters.
| Sr.No | Parameter & Description |
|---|---|
| 1 |
to
Required. Specifies the receiver / receivers of the email
|
| 2 |
subject
Required. Specifies the subject of the email. This parameter cannot contain any newline characters
|
| 3 |
message
Required. Defines the message to be sent. Each line should be separated with a LF (\n). Lines should not exceed 70 characters
|
| 4 |
headers
Optional. Specifies additional headers, like From, Cc, and Bcc. The additional headers should be separated with a CRLF (\r\n)
|
| 5 |
parameters
Optional. Specifies an additional parameter to the send mail program
|
As soon as the mail function is called PHP will attempt to send the email then it will return true if successful or false if it is failed.
Multiple recipients can be specified as the first argument to the mail() function in a comma separated list.
Sending HTML email
When you send a text message using PHP then all the content will be treated as simple text. Even if you will include HTML tags in a text message, it will be displayed as simple text and HTML tags will not be formatted according to HTML syntax. But PHP provides option to send an HTML message as actual HTML message.
While sending an email message you can specify a Mime version, content type and character set to send an HTML email.
Example
Following example will send an HTML email message to xyz@somedomain.com copying it to afgh@somedomain.com. You can code this program in such a way that it should receive all content from the user and then it should send an email.
<html> <head> <title>Sending HTML email using PHP</title> </head> <body> <?php $to = "xyz@somedomain.com"; $subject = "This is subject"; $message = "<b>This is HTML message.</b>"; $message .= "<h1>This is headline.</h1>"; $header = "From:abc@somedomain.com \r\n"; $header .= "Cc:afgh@somedomain.com \r\n"; $header .= "MIME-Version: 1.0\r\n"; $header .= "Content-type: text/html\r\n"; $retval = mail ($to,$subject,$message,$header); if( $retval == true ) { echo "Message sent successfully..."; }else { echo "Message could not be sent..."; } ?> </body> </html>
Sending attachments with email
To send an email with mixed content requires to set Content-type header to multipart/mixed. Then text and attachment sections can be specified within boundaries.
A boundary is started with two hyphens followed by a unique number which can not appear in the message part of the email. A PHP function md5() is used to create a 32 digit hexadecimal number to create unique number. A final boundary denoting the email's final section must also end with two hyphens.
<?php // request variables // important $from = $_REQUEST["from"]; $emaila = $_REQUEST["emaila"]; $filea = $_REQUEST["filea"]; if ($filea) { function mail_attachment ($from , $to, $subject, $message, $attachment){ $fileatt = $attachment; // Path to the file $fileatt_type = "application/octet-stream"; // File Type $start = strrpos($attachment, '/') == -1 ? strrpos($attachment, '//') : strrpos($attachment, '/')+1; $fileatt_name = substr($attachment, $start, strlen($attachment)); // Filename that will be used for the file as the attachment $email_from = $from; // Who the email is from $subject = "New Attachment Message"; $email_subject = $subject; // The Subject of the email $email_txt = $message; // Message that the email has in it $email_to = $to; // Who the email is to $headers = "From: ".$email_from; $file = fopen($fileatt,'rb'); $data = fread($file,filesize($fileatt)); fclose($file); $msg_txt="\n\n You have recieved a new attachment message from $from"; $semi_rand = md5(time()); $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; $headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\""; $email_txt .= $msg_txt; $email_message .= "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type:text/html; charset = \"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n" . $email_txt . "\n\n"; $data = chunk_split(base64_encode($data)); $email_message .= "--{$mime_boundary}\n" . "Content-Type: {$fileatt_type};\n" . " name = \"{$fileatt_name}\"\n" . //"Content-Disposition: attachment;\n" . //" filename = \"{$fileatt_name}\"\n" . "Content-Transfer-Encoding: base64\n\n" . $data . "\n\n" . "--{$mime_boundary}--\n"; $ok = mail($email_to, $email_subject, $email_message, $headers); if($ok) { echo "File Sent Successfully."; unlink($attachment); // delete a file after attachment sent. }else { die("Sorry but the email could not be sent. Please go back and try again!"); } } move_uploaded_file($_FILES["filea"]["tmp_name"], 'temp/'.basename($_FILES['filea']['name'])); mail_attachment("$from", "youremailaddress@gmail.com", "subject", "message", ("temp/".$_FILES["filea"]["name"])); } ?> <html> <head> <script language = "javascript" type = "text/javascript"> function CheckData45() { with(document.filepost) { if(filea.value ! = "") { document.getElementById('one').innerText = "Attaching File ... Please Wait"; } } } </script> </head> <body> <table width = "100%" height = "100%" border = "0" cellpadding = "0" cellspacing = "0"> <tr> <td align = "center"> <form name = "filepost" method = "post" action = "file.php" enctype = "multipart/form-data" id = "file"> <table width = "300" border = "0" cellspacing = "0" cellpadding = "0"> <tr valign = "bottom"> <td height = "20">Your Name:</td> </tr> <tr> <td><input name = "from" type = "text" id = "from" size = "30"></td> </tr> <tr valign = "bottom"> <td height = "20">Your Email Address:</td> </tr> <tr> <td class = "frmtxt2"><input name = "emaila" type = "text" id = "emaila" size = "30"></td> </tr> <tr> <td height = "20" valign = "bottom">Attach File:</td> </tr> <tr valign = "bottom"> <td valign = "bottom"><input name = "filea" type = "file" id = "filea" size = "16"></td> </tr> <tr> <td height = "40" valign = "middle"><input name = "Reset2" type = "reset" id = "Reset2" value = "Reset"> <input name = "Submit2" type = "submit" value = "Submit" onClick = "return CheckData45()"></td> </tr> </table> </form> <center> <table width = "400"> <tr> <td id = "one"> </td> </tr> </table> </center> </td> </tr> </table> </body> </html>
تعليقات
إرسال تعليق