482 Part IV . Development Throughout the program,
482 Part IV . Development Throughout the program, the persistent challenge is to keep track of both the similarities and the significant differences between Perl and PHP to avoid losing functionality. Cookies with no milk Cookies are value-plus-parameter pairs stored in the HTTP header and sent to a Web agent (such as a browser) when retrieving an object usually a Web page from the Internet. They are commonly used to store user-related data (such as session identifiers) and can be set to expire at a point in the future determined by the site that sets and uses the cookie. Although PHP includes functions for setting and easily retrieving cookies, it also includes other functions for setting and retrieving session identifiers; some of these don t use cookies. A developer can use either a cookie function or a session function in PHP to maintain state or authenticate users for Web pages. There are probably endless methods for creating authentication mechanisms for Web sites and Web pages. This section examines one method for authenticating users that also sets a cookie with a session identifier. The approach that is specifically relevant to this book is to integrate the authentication mechanism with a MySQL database. Once that integration is complete, visitors can enter a username and password. The credentials will be authenticated against data in a MySQL database. If the login is successful, a session ID and timestamp are recorded in the MySQL database. A cookie is sent to the user upon success, containing that same session ID and user- name (in encrypted form). When the user attempts to access another resource within the site, the user s cookie is examined and compared to the one in the database. If it s valid, the user is allowed to access the resource. In addition, the database includes a group function so resources can be limited by group (should the need arise). No need to undertake full normalization of the database for this site. Since the site is intended for low usage, normalization would have little or no effect on performance. The first step toward the authentication system is to create the database in effect, a big table with some special features. The table for the authentication system has the following structure: CREATE TABLE `user_table` ( `user` varchar(20) NOT NULL default , `pass` varchar(20) default NULL, `session` varchar(50) default NULL, `auth_group` varchar(20) default NULL, `timestamp` varchar(32) default NULL, PRIMARY KEY (`user`) Note
Check Tomcat Web Hosting services for best quality webspace to host your web application.