Monday, 11/12/2017 | 9:39 UTC+5
Mehta Websolution's Blog

How to Secure Cookie in PHP using Session

An alternative way to make data accessible across the various pages of an entire website is to use a PHP Session.session creates a file in a temporary directory on the server where registered session variables and their values are stored. This data will be available to all pages on the site during that visit.

But now you want to set permissions on these session variables or values to accessing on other folder or page.for this you want to set the session cookie parameters.

Set the session cookie parameters PHP have function:

 

Parameters :

lifetime – Lifetime of the session cookie, defined in seconds.
path – Path on the domain where the cookie will work. Use a single slash (‘/’) for all paths on the domain.
domain – Cookie domain, for example ‘www.example.com’. To make cookies visible on all subdomains then the domain must be prefixed with a dot like ‘.example.com’.
secure – If TRUE cookie will only be sent over secure connections.
httponly – If set to TRUE then PHP will attempt to send the httponly flag when setting the session cookie.

 

Example :

In above example says now values of cookies that will be created anywhere inside the page of abc/xyz folder will be accessable only inside abc/xyz folder not in other folder present anywhere on server.

This function has not returned any value and you need to call session_set_cookie_params() for every request and before session_start() is called.

Get the session cookie parameters :

To get the session cookie parameters PHP have function

Returns an array with the current session cookie information, the array contains the following items:

lifetime – The lifetime of the cookie in seconds.
path – The path where information is stored.
domain – The domain of the cookie.
secure – The cookie should only be sent over secure connections.
httponly – The cookie can only be accessed through the HTTP protocol.

Example :

$params returned array with 5 parameters as listed above.

About

Mehta Websolution is a web development company based in Jamnagar, Gujarat, India. providing a full range of web services including web design, web development, web promotion, search engine optimization, web hosting and domain registration and all Internet services at accessible cost since it was established in 2007. A company which provides you a full range of web services Contact us for web design, web development, web promotion, search engine optimization, web hosting and domain registration at an affordable cost. IF you are looking for an IT Solutions Provider who can implement your Dreams in a reality form of exhaustive web applications, innovative software, and creative designs or for fastidious solutions and persistent services, you are at the right place. we provide you software development and web solutions all across the globe. Our strategic location and proven experience enables us to provide you with the best services and outsourcing for your Software Development, Web Development, E-commerce, Multimedia Presentations and Web Based Applications at the corporate level.

POST YOUR COMMENTS

Your email address will not be published. Required fields are marked *

4 + ten =

Mehta Websolution Since 2007

Company is Government & Defence (Indian Navy, Army & Air Force) Approval I.T. Contractor, An ISO 9001:2008 Certified I.T. Company and Google Enterprise for Work Partner.