Sessions

The Hypertext Transfer Protocol (HTTP) is stateless, which vastly simplifies its implementation because a web server does not retain information across requests. Unfortunately, web applications require maintaining state – e.g., to implement a shopping cart. Cookies and sessions are two ways to maintain state about a user’s interactions to overcome this limitation of HTTP.

Learning Objectives

• Describe an HTTP cookie
• Use PHP sessions to implement authentication for web pages
• Compare and contrast HTTP cookies and PHP sessions to track state

How to Complete this Lesson

Complete the following learning activities: (2.75–3.25 hours total)

1. Read HTTP cookies (10–15 minutes)
2. Attend the class meeting (60 minutes)
   • Review the handout (10–15 minutes)
3. Complete the web development programming exercise (PEX) (90–120 minutes)
   • Pass the automated tests for the website
   • Add feature(s) to the website

Due

As a reminder, the following is due this lesson:

• PEX: Web Development

Resources

• Web APIs that provide alternatives to cookies for client-side storage:
  • Web Storage API (5 minutes)
  • IndexedDB (5–10 minutes)

---

« PHP Database Programming

SQL Injection and XSS »