Use of Session and Cookie in login

system

Session
Sessions are a simple way to store data for individual
users against a unique session ID. This can be used to
persist state information between page requests.
Session IDs are normally sent to the browser via session cookies and the ID is used to retrieve
existing session data.
When you work with an application, you open it, do some changes, and then you close it. This is
much like a Session. The computer knows who you are. It knows when you start the application
and when you end. But on the internet there is one problem: the web server does not know who
you are or what you do, because the HTTP address doesn't maintain state.
Session variables solve this problem by storing user information to be used across multiple
pages (e.g. username, favorite color, etc). By default, session variables last until the user closes
the browser.

Let’s implement the session for your loin system . Remember that when you use $_SESSION
super global variable you must start session first in your php page by the following php function
sesssion_start(). You need to set a session by a unique session ID like
$_SESSION[‘email’]=’m@x.com’. Now open your admin-login index file.set session when login
confirm, And then add the following code to implement session .

<?php>
include '../includes/connection.php';
session_start();
if(isset($_SESSION['email']))
{
header('Location: '.$Anmin_location);
}
……….
if($result->num_rows==1)
}
$_SESSION['email']= $Admin_Email;
header('Location: '.$Anmin_location);
}
……...
<?>

This code established session and redirect in the location '/admin/index.php' until the browser is
closed/destroy session.
Now open the index.php of admin file .here need to write some thing to redirect to admin-login
index.php if session is not established. Don’t forget to start session

<?php
session_start();
$Admin_login_location=’../admin_login/index.php’
if(!isset($_SESSION['email']))
{
header('Location: '.$Admin_login_location);
}
?>

COOKIE
A cookie is often used to identify a user. A cookie is a small file that the server embeds on the
user's computer. Each time the same computer requests a page with a browser, it will send the
cookie too. With PHP, you can both create and retrieve cookie values.

The main difference between a session and a cookie is that session data is stored on the
server, whereas cookies store data in the visitor’s browser.

Sessions are more secure than cookies as it is stored in server.Cookie can be turn off from
browser.

Data stored in cookie can be stored for months or years depending on the life span of the
cookie.But the data in the session is lost when the web browser is closed.
If keep me logged in is checked then set cookie by the method setcookie(). Let’s implement it.
Open admin index.php.For more information please see below link.

<?php>
include '../includes/connection.php';
session_start();
if(isset($_SESSION['email'])||isset($_COOKIE['email']))
{
header('Location: '.$Admin_location);

……….
if($result->num_rows==1)
}
$_SESSION[‘email’]= $Admin_Email;

if(isset($_POST['keep_logged'])) //’keep_logged’ in is the name of check box

{
setcookie('email',$Admin_Email,time()+60*60*24*30,'/');
}

header('Location: '.$Anmin_location);
}
……...
<?>

Now open the index.php of admin file .here need to write some thing to redirect to admin-login
index.php if cookie is not set.

<?php
session_start();
$Admin_login_location=’../admin_login/index.php’

if(!(isset($_SESSION['email'])||isset($_COOKIE['email'])))
{
header('Location: '.$Admin_login_location);

?>

It’s done . now check it by your browser ……

Thanks