Exercise #1: (total 11 minutes)

a. (5 minutes) Create a page called set_cookie.php and have it send a cookie with data <your
name>. Create another page called use_cookie.php that tests if the cookie exists and prints out
"Welcome to the Use Cookie page <your name>" from its information when it does.
set_cookie.php:
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
$my_name = 'Liz';
setcookie('name', $my_name);
print "I set the cookie with name $my_name";
use_cookie.php:
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
if (array_key_exists('name', $_COOKIE)) {
$my_name = $_COOKIE['name'];
echo 'Welcome to the Use Cookie page ' . $my_name;
} else {
print 'No Cookie!';
}
b. (3 minutes) Find the location on your machine where the cookie file is stored. If you can find
it, write out the path for this file (including the filename) and the contents of this file:
chrome://settings/cookies
c. (3 minutes)Modify your use_cookie.php program in (a) to expire the cookie 5 seconds after it
is used. Wait five seconds, then run the program again. What happens? Answer that question and
paste your code here:
The cookie expires so it prints No cookie!
<?php
/*
* To change this license header, choose License Headers in Project Properties.

* To change this template file, choose Tools | Templates

* and open the template in the editor.
*/
$my_name = 'Liz';
setcookie('name', $my_name, time() + 5);
print "I set the cookie with name $my_name";
Exercise #2: (total 14 minutes)
a. (5 minutes) Write a small program that sets the session save path to . and starts a session then
prints out "welcome, your session ID is <sess id>" where <sess id> is the value returned by the
function call session_id()
Paste your code and output here:
<?php
session_save_path('.');
session_start();
echo "welcome, your session ID is " . session_id();
?>
OUTPUT:
welcome, your session ID is j7e9bntbi6f87p1go8h4el2ah1
b. (3 minutes) Look at a neighbors output for part (a). Is it the same or different? Explain this
below:
Its different because its totally random to ensure that no two ids are the same.
c. (3 minutes) Re-run your program. Did you get the same output as in (a)? Explain why or why
not it should be the same:
You get the same id because youre using the same cookie that has the same id.
d. (3 minutes) Look at the directory your program is saved in. What do you see there that was not
there before you ran your program in (a)? Explain:
A file called sess_ j7e9bntbi6f87p1go8h4el2ah1. Everything that is saved to the session with that
particular id is saved in this file in serialized form.
Exercise #3: (total 15 minutes)
Paste the following into your program from exercise #1 (re-arrange the code as needed):

<?
// start your session here
// register your session variable here
// print the session id here
if (!empty($_POST['username_textbox'])) {
// set the username value from $_POST in the session here
}
// check if the username session value is non-empty and print it out here
?>
<FORM action="<?= $_SERVER['PHP_SELF'] ?>" method="POST">
Please enter your name:<br>
<INPUT TYPE="TEXT" name="username_textbox">
<INPUT TYPE="SUBMIT" value="Login">
</FORM>
<br><br>
<A href="<?= $_SERVER['PHP_SELF'] ?>">CLICK HERE TO RELOAD THIS PAGE
WITHOUT FORM SUBMIT</A>
a. (6 minutes) Add code to register a session variable 'username', set its value in the session when
$_POST['username_textbox'] is non-empty (the if-statement for this is in the code you pasted),
then write another if-statement that checks if the session variable for username is non-empty
and prints out "Welcome <username>". Paste your output and code here:
<?php
// start your session here
session_save_path('.');
session_start();
// print the session id here
echo "welcome, your session ID is " . session_id();
if (!empty($_POST['username_textbox'])) {
// set the username value from $_POST in the session here
$_SESSION['username'] = $_POST['username_textbox'];
}
// check if the username session value is non-empty and print it out here

if(array_key_exists('username', $_SESSION)) {
print "Welcome {$_SESSION['username']}";
}
?>
<FORM action="<?= $_SERVER['PHP_SELF'] ?>" method="POST">
Please enter your name:<br>
<INPUT TYPE="TEXT" name="username_textbox">
<INPUT TYPE="SUBMIT" value="Login">
</FORM>
<br><br>
<A href="<?= $_SERVER['PHP_SELF'] ?>">CLICK HERE TO RELOAD THIS PAGE
WITHOUT FORM SUBMIT</A>
b. (5 minutes) Try typing in different names. Does the session ID change? Why or why not?
The session ID doesnt change because the cookie has already been stored with this session.
c. (4 minutes) Now click on the hyperlink at the bottom of the page that reloads the page. Why
does the Welcome <username> message stay around even when there was no posting of the
form?
The session has already been saved.
Exercise #4: (total 11 minutes)
a. (4 minutes) Create a new PHP page and copy and paste the code that starts a session and prints
out the welcome message (do not copy any of the session register, setting, form or form
processing code). Run this code and explain why the same welcome message printed on the page
from exercise #3 printed here (with the same name you entered before):
The message has already been saved in the session and therefore the same message will print.
b. (3 minutes) Add the line session_destroy(); at the bottom of the file and re-load the page. What
happened to the Welcome <username> message? Explain:
The session has ended and therefore the message doesnt show up.
c. (4 minutes) Now re-run (or click the re-load hyperlink) the page from exercise #2. What
happened to the Welcome <username> message? Explain:
Since the session has been destroyed, a new one will be created and the usernames are gone.
Exercise #5: (total 15 minutes)
a. (7 minutes) What shopping cart use-cases will you need to support for your e-commerce site?

The use-case is how we think the system will be used by users. Our use-cases that we will use a
shopping cart to store quantities in the session. Another use-case is that we need something to
delete values to clear the session.
b. (8 minutes) Explain a design that you might use for a shopping cart to implement the use-cases
in part (a). Your design should focus on technical PHP details. For example, if you will be storing
an array in a session, explain how the session will be set up, when will it be set up and destroyed,
what will be in the array, how will it be used to represent what the user has in their cart, etc.
My shopping cart will store data from my multiple product pages. I want to store the quantities
into the $_SESSIONS array under a certain tag, maybe cart, to be fetched at the shopping cart
and invoice pages.
Exercise #6: (7 minutes)
a. Modify your program from exercise #3 to use a cookie to set the session id after a user has a
valid login. If the user has not logged in previously or for more than 1 hour, ask them to login
and set the cookie with their uername.
<?php
session_save_path('.');
//this function will save the data in a file for the session
session_start();
//allows you to put data into file
// print the session id here
echo "welcome, your session ID is" . session_id();
if (!empty($_POST['username_textbox'])) {
// set the username value from $_POST in the session here
// $_SESSION['username'] = $_POST['username_textbox'];
setcookie('username', $_POST['username_textbox'], time()+10);
}
?>