Transcript chapter11

11
Cookies
CGI/Perl
Programming
By Diane Zak
1
11
Objectives
• In this chapter, you will:
• Learn the difference between
temporary and persistent cookies
• Create a cookie
• Send a cookie to a web browser
• Access the information stored in
a cookie
2
11
Introduction
• Misconceptions about cookies:
– Contain viruses
– Gain access to private information
stored on a computer
• Truth about cookies:
– Cookie are just pieces of text
• Since they are not programs, they cannot
pass a virus or read a hard disk
3
11
Introduction
– Cookies only contain
information that has been
disclosed on the cookie’s
website
– A web site can only access
information stored in its
cookie
• Does not have access to any
other site’s cookie files
4
11
Using a Cookie
• A cookie is a piece of data that a
Web server stores in your computer
– Stored in RAM
• Random Access Memory
– Store on hard drive
– Allows site to remember information
about you
• Data entered on a form
• Number of times a site has been visited
• User preferences
5
11
Using a Cookie
• Every cookie can contain:
– Required key and value
– Optional information like expiration date
• 2 types of cookies:
– Temporary cookie
•
•
•
•
Also referred to as a session cookie
Stored in RAM (Random Access Memory)
Only exists while browser is open
Erased from memory when the browser is closed
6
11
Using a Cookie
• 2 types of cookies:
– Permanent cookie
• Stored in a text file
• Has expiration date telling browser when the
cookie should be deleted
• Netscape stores in cookies.txt file
– In Netscape directory
• Internet Explorer stores each cookie in a separate
file
– Each file name starts with your username
– In Cookies directory
7
11
Using a Cookie
• Browser’s responsibilities:
– Web browser keeps track of all cookies
sent to it by a particular server
– When a URL is typed into a browser, the
browser searches RAM and the hard
drive for any cookies belonging to the
server
• Contacts server and transmits any cookies
and the URL
• CGI.pm module contains functions
for creating and retrieving cookies
8
11
Creating a Cookie
• cookie function:
– Syntax:
cookie (-name => key,
-value => value,
-path => path,
-expires => expires);
• The => operator is the “corresponds to”
operator.
– Used to associate each argument with a value
– Can use comma instead
9
11
Creating a Cookie
Parts
Description
key
- Required
- Name of value listed in –value
- Can be string, number, scalar variable
value
- Required
- Value of the cookie
- Can be string, number, scalar variable, array, or hash
path
-Optional
- Indicates the scripts to which the cookie will be sent
- If omitted, sent to all scripts on server
expires
- Optional
- When the cookie will expire
- If omitted, will expire when the browser is closed
10
11
Creating a Cookie
• Expiration Settings:
Setting
Cookie will expire
+ns
in n seconds
+nm
in n minutes
+nh
in n hours
+nd
in n days
now
immediately
+nM
in n months
+nY
in n years
11
11
Creating a Cookie
12
Sending a Cookie
to the Browser
11
• header function:
– Part of CGI.pm
– Sends one or more cookies to a browser
– The header function already sends the
print “Content-type: text/html\n\n”;
statement
• If it is typed into the script before the header
function, the cookies will not be sent to the
browser
– Cookies must be sent before the Content-type
header line is processed
13
Sending Cookies
to a Browser
11
14
11
Accessing the Information
Stored in a Cookie
• When a URL is entered into a
browser:
– Browser searches RAM and hard drive
for cookies for that server
– Browser contacts server and sends
cookies, URL, and any form data
– Server sends cookie and form data to
script if the URL is associated with a
script
15
11
Accessing the Information
Stored in a Cookie
• Syntax:
– cookie (key)
• Example:
$color = cookie(‘Color’);
print “<BODY BGCOLOR=$color>\n”;
• The value of the Color key is assigned to
the $color variable
– When the cookie was created, its name
was “Color”, and its value will change the
background color of a dynamic web page
16
11
Accessing the Information
Stored in a Cookie
• Examples:
$custid = cookie(‘Id’);
print “Customer id: $custid <BR>\n”
@custrec = split (/ /, cookie(‘Record’));
foreach my $rec (@custrec) {
print “$rec<BR>\n”;
}
• If the value associated with the cookie’s key is an
array:
• Use split to divide the value associated with the
key
• Use the foreach loop to go print each element
17
The Jubilee Book Club
Web Pages
11
• If the user has never visited the site, the Name
text box should be blank
• If the user has visited the site, his/her name
should appear in the Name text box
18
The Jubilee Book Club
Web Pages
11
19
Planning and Coding
the book2.cgi Script
11
– Each time the user visits the
web site, the book2.cgi script
will create the Name cookie
and send it to the user’s
browser
– It will overwrite the existing
Name cookie (if any)
– The cookie will expire in 6
20
months
Planning and Coding
the book1.cgi Script
11
21
Planning and Coding
the book1.cgi Script
11
22
Summary
11
• A cookie is a piece of data that a Web server
can store on your computer (RAM, hard drive)
depending on the life span of the cookie.
• A cookie cannot pass a virus or read a hard
drive.
• A cookie can contain only as much
information as you disclose on the web site
that creates the cookie.
• Every cookie has a key and value and can
contain optional information like path and
expiration date.
23
Summary
11
• A temporary (session) cookie is stored in
RAM and erased from memory when the
browser is closed.
• A persistent cookie is stored in a text file on
the hard drive.
– Expiration date telling browser when to delete
• Like form data, cookies are sent with the
requested URL.
• The cookie function, defined in CGI.pm, can
create a cookie or access data stored in a
24
cookie.
Summary
11
• cookie function:
– must specify –name and –value functions.
– The => operator is called the “corresponds to”
operator.
– The –path argument determines which scripts
receive the cookie.
– The –expires argument indicates the expiration
period for the cookie.
• You can use the header function to send one
or more cookies to a browser
– Defined in cgi.pm
– Sends cookie information and the Content-type
header line to the browser
• Don’t need to type in the Content-type header line 25