Skip to main content

Encoding/Decoding Session Data

PHP stores all the session data associated with a session ID in a single string and handles the
decoding of this string automatically. However, there are times when it may be necessary or
beneficial to handle this process manually. The first thing to understand is how the string is put
together. In the following example, three session variables are stored (last name, first name and
phone number):

lname|s:6:"Gordon";fname|s:6:"Jethro";phone|s:10:"7197235674";

The session variables are separated by a semicolon (;) and then can be broken down into their
individual components: name of the variable, length of the string that is contained and the value
itself. For the session variable lname, the length of the string is 6 characters long and the value
that is stored in the string is "Gordon".

Encoding the Session Variables

The function session_encode allows for all the session variables available to the user to be
encoded into a single string (as shown above). This can be helpful in the event that a developer
may wish to store this string into a database and later retrieve it.

<?php
session_start();
// Load the session variables with values
$_SESSION['lname'] = 'Gordon';
$_SESSION['fname'] = 'Jethro';
$_SESSION['phone'] = '7197235674';
// Combine all the session variables together
// into a single string
$session_variables = session_encode();
?>

Decoding the Session Variables

The manual decoding process is as simple as the encoding process when using the
session_decode() function. This function takes one input parameter; the variable that is storing
the encoded session variable string. When decoded, each value will be placed into its
corresponding session variable.

<?php
session_start();
// Obtain the Session ID from the local system
$SID = session_id();
// Read in the encoded session string from MySQL
$linkID1 = mysql_connect("localhost", "root", "training");
$session_query = "SELECT sessionVars FROM world.user
WHERE sid = $SID";
$session_result = mysql_query($session_query, $linkID1);
list($session_variables) = mysql_fetch_row($session_result);
session_decode($session_variables);
print "Name: ".$_SESSION['lname'].", ".$_SESSION['fname'];
print " Phone: ".$_SESSION['phone']."<br>\n";
mysql_close($linkID1);
?>

Comments

Popular posts from this blog

PHP INTRODUCTION

                     PHP  (recursive acronym for  PHP: Hypertext Preprocessor ) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. PHP stands for  P HP:  H ypertext  P reprocessor PHP is a server-side scripting language, like ASP PHP scripts are executed on the server PHP supports many databases (MySQL, Informix, Oracle, Sybase, Solid, PostgreSQL, Generic ODBC, etc.) PHP is an open source software PHP is free to download and use Why PHP? PHP runs on different platforms (Windows, Linux, Unix, etc.) PHP is compatible with almost all servers used today (Apache, IIS, etc.) PHP is FREE to download from the official PHP resource:  www.php.net PHP is easy to learn and runs efficiently on the server side What can PHP do? Anything. PHP is mainly focused on server-side scripting, so you can...

Data Encryption

Data encryption is the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient. The intended recipient can then decode (or decrypt) the information. PHP offers multiple means to make this happen. However, none of these solutions are very effective without the applications running on secure servers and connections. The following are a list of the more common encryption functions in PHP: • md5() - MD5 is a third-party hash algorithm that PHP can use to create a digital fingerprint of a piece of data. It is next to impossible to (efficiently) recover the original text when a piece of data has been encrypted with the md5 hash algorithm. It is also vastly unlikely that any different text string will create an identical hash - a 'hash collision'. These properties make hashes ideally suited for storing an application's passwords because although an attacker may compromise a part of the system...

Delimiting PHP Code

                           PHP was originally designed to be used in conjunction with a web server, and in the case of the LAMP architecture, the Apache Web Server.  PHP applications are designed embedding PHP scripts within a web page along with its HTML.  Unlike standard HTML pages which are sent directly from the web server to the end user, PHP files are first interpreted by the PHP application which then converts the PHP script into another form for display.  This process eliminates the end user from being able to see the original PHP script that was embedded in the HTML and provides  true interaction in HTML files.  This process is similar to proprietary applications such as ASP and Coldfusion; however, PHP is Open Source and cross- platform. PHP Tags             PHP scripts are distinguished from the HTML scripts by using delimiting characters ...