Authenticate and Track Users with PHP
Page 7 —
Sessions and User Preferences
|
Let's move beyond the simple hit counter and show sessions in all their glory. In this example, we'll track user preferences. We'll start a session, ask a user for his or her favorite background color and text color, display those preferences, and allow the user to change them. Pretty neat, huh?
For the first step, create a file called session01.php. Start a session if it doesn't exist and register the variables we'll use later: $body_color and $text_color.
|
<?
// File name: session01.php
session_start();
if (!$PHPSESSID) {
session_register('body_color');
session_register('text_color');
} else if ((!$body_color) || (!$text_color)) {
session_register('body_color');
session_register('text_color');
}
?>
|
OK, I may have thrown you for a moment. This if/else if loop is pretty important. It registers the session variables only if a value for $PHPSESSID does not exist or if the $body_color and $text_color variables have not yet been created or registered with a session.
There's a reason for this; I promise. Since users will come back to this screen to reset their color preferences, we have to take into account the fact that the value of $body_color and $text_color must be extracted from the session itself. Take a look at this:
|
<?
session_start();
session_register('body_color');
session_register('text_color');
?>
|
If we just used this at the top of the page, then each time the page is loaded, the value of $body_color and $text_color would be overwritten by an empty string or a newly registered, empty variable.
Trust me; we'll come back to this concept. For now, we'll create a simple HTML form that asks users to select their color preferences. Since users will be coming back to this page to modify their color preferences at some point, you'll also want to show it using their selected colors. So before the HTML <BODY> tag, we'll add some PHP that can determine users' preferred colors, if any, or define the defaults if preferences have not yet been set:
In the end, your code should look something like this:
|
<?
// File name: session01.php
// if a session does not yet exist for this user, start one
session_start();
if (!$PHPSESSID) {
session_register('body_color');
session_register('text_color');
} else if ((!$body_color) || (!$text_color)) {
session_register('body_color');
session_register('text_color');
}
?>
<HTML>
<HEAD>
<TITLE>Setting Prefs</TITLE>
</HEAD>
<?
if (!$body_color) {
$body_color = "#FFFFFF";
}
if (!$text_color) {
$text_color = "#000000";
}
?>
<BODY BGCOLOR="<? echo "$body_color"; ?>" TEXT="<? echo "$text_color"; ?>">
<H1>Set Your Color Preferences</h1>
<FORM METHOD="POST" ACTION="session02.php">
<P><strong>Pick a Background Color:</strong><br>
<input type="radio" name="sel_body_color" value="#FFFFFF">white
<input type="radio" name="sel_body_color" value="#000000">black
<input type="radio" name="sel_body_color" value="#7FFF00">chartreuse
<input type="radio" name="sel_body_color" value="#B0C4DE">light steel blue
<input type="radio" name="sel_body_color" value="#FF6347">tomato
</p>
<P><strong>Pick a Text Color:</strong><br>
<input type="radio" name="sel_text_color" value="#FFFFFF">white
<input type="radio" name="sel_text_color" value="#000000">black
<input type="radio" name="sel_text_color" value="#F5DEB3">wheat
<input type="radio" name="sel_text_color" value="#BC8F8F">rosy brown
<input type="radio" name="sel_text_color" value="#00FF7F">spring green
</p>
<P><input type="submit" name="submit" value="Set Prefs"></p>
</FORM>
</BODY>
</HTML>
|
In the next step, the form action (session02.php), we'll assign the color values selected by the user to the appropriate session variables. Start by creating a session if one doesn't exist and registering the $body_color and $text_color session variables if they don't exist.
Remember, since we assigned temporary values to $body_color and $text_color in step one, they aren't considered empty and thus won't be re-registered with the session.
|
<?
// File name: session02.php
// if a session does not yet exist for this user, start one
session_start();
if (!$PHPSESSID) {
session_register('body_color');
session_register('text_color');
} else if ((!$body_color) || (!$text_color)) {
session_register('body_color');
session_register('text_color');
}
?>
Now assign the selected values to the session variables:
// do something w/ POST vars
$body_color = $sel_body_color;
$text_color = $sel_text_color;
|
You may wonder why we didn't just name the form input elements "body_color" and "text_value." That way, we'd automatically have the new values, right? Wrong. For important security reasons, you can't directly change the value of a registered session variable using POST or GET. In your script, you must explicitly reassign the values as we have done here.
Finish the script, checking for the value of the two variables and assigning default values if they're still empty (if, for example, a user accessed step 2 before step 1 for some annoying reason). Print the values in the <BODY> tag and elsewhere in your script, just to show users that they have indeed changed.
|
next page»
|
|
