PHP tireless sessions allow for communication between the server and client. This allows web applications to remember the identities of visitors as well as any variables or other data. This practical and challenging project-based course will help developers take the data that PHP normally stores in plain text files and write them into a more secure database, where the records can be read and destroyed as needed. I help you set up a SQL database, define classes to open and close sessions, read and write variables, destroy sessions, and manage out-of-date records. The lessons culminate in a short project that uses tokens to recognize returning users in an auto-login scenario.
In this course:
- I'll show you how to store session in data in a MySQL database
- How to log in returning users automatically
- We'll begin with an overview of how PHP handles Sessions and stores session data in plain text files on the web server
- We'll set up a database to store session data more securely
- I'll show you how to define a class to open and close sessions
- Read and write session variables to the database
- Destroy sessions and garbage collect out-of-date records
Sessions expire as soon as soon as the browser is closed, but the highlight of this course is an auto-login system that uses a randomly generated single use token that recognizes returning users and preserves their data between visits, even on different computers. I hope you'll find this a useful and challenging project.
keeping the user's data always up to date with persistent sessions is extremely convenient. But, and I can't stress this strongly enough, persistent sessions are not 100 percent secure. When using sessions, you should always use a connection over secure sockets layer, or transport layer security whenever possible. I’m going to talk about why always re-authenticate user credentials before allowing allowing access to pages with sensitive content, such as changing user account details.