Jsp, Tomcat, J2Ee, Hibernate Programming, Http Web Server Blog

PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY to gain access to a protected site, the password itself is stored (preferably encrypted) in a separate location, and not as a session variable. Sessions are supported by default, so you don t need any special configuration. However, since they rely on a cookie, sessions won t work if cookies are disabled in the user s browser. It is possible to configure PHP to send the identifier through a query string, but this is not considered safe. Creating PHP sessions Just put the following command in every PHP page that you want to use in a session: session_start(); This command should be called only once in each page, and it must be called before the PHP script generates any output, so the ideal position is immediately after the opening PHP tag. If any output is generated before the call to session_start(), the command fails and the session won t be activated for that page. (See The Headers already sent error section later for an explanation.) Creating and destroying session variables You create a session variable by adding it to the $_SESSION superglobal array in the same way you would assign an ordinary variable. Say you want to store a visitor s name and display a greeting. If the name is submitted in a login form as $_POST[’name’], you assign it like this: $_SESSION[’name’] = $_POST[’name’]; $_SESSION[’name’] can now be used in any page that begins with session_start(). Because session variables are stored on the server, you should get rid of them as soon as they are no longer required by your script or application. Unset a session variable like this: unset($_SESSION[’name’]); To unset all session variables for instance, when you re logging someone out set the $_SESSION superglobal array to an empty array, like this: $_SESSION = array(); Do not be tempted to try unset($_SESSION). It works all right but it s a little too effective. It not only clears the current session, but also prevents any further sessions from being stored.
Searching for affordable and reliable webhost to host and run your web applications? Go to our java web server services and you will be pleased.

PAGES THAT REMEMBER: SIMPLE LOGIN AND MULTIPAGE FORMS When a session is initiated, the server stores information in session variables that can be accessed by other pages as long as the session remains active (normally until the browser is closed). Because the identifier is unique to each visitor, the information stored in session variables cannot be seen by anyone else. This means sessions are ideal for user authentication, although they can be used for any situation where you want to preserve information for the same user when passing from one page to the next, such as with a multipage form or a shopping cart. The only information stored on the user s computer is the cookie that contains the identifier, which is meaningless by itself. This means there is no danger of private information being exposed through someone examining the contents of a cookie on a shared computer. The session variables and their values are stored on the web server. Figure 9-2 shows the contents of a simple session file. As you can see, it s in plain text, and the content isn t difficult to decipher. The session shown in the figure has two variables: name and location. The variable names are followed by a vertical pipe, then the letter s , a colon, a number, another colon, and the variable s value in quotes. The s stands for string, and the number indicates how many characters the string contains. 9 Figure 9-2. The details of the session are stored on the server in plain text. This setup has several implications. The cookie containing the identifier normally remains active until the browser is closed. So, if several people share the same computer, they all have access to each other s sessions unless they always close the browser before handing over to the next person, something over which you have no control. So, it s important to provide a logout mechanism to delete both the cookie and the session variables, keeping your site secure. You can also create a timeout mechanism, which automatically prevents anyone regaining access after a certain period of inactivity. The fact that session variables are stored in plain text on the web server is not, in itself, a cause for concern. As long as the server is correctly configured, the session files cannot be accessed through a browser. Inactive files are also routinely deleted by PHP (in theory, the lifetime is 24 minutes, but this cannot be relied upon). Nevertheless, it should be obvious that, if an attacker manages to compromise the server or hijack a session, the information could be exposed. So, although sessions are generally secure enough for password protecting parts of a website or working with multipage forms, you should never use session variables to store sensitive information, such as passwords or credit card details. As you ll see in Using sessions to restrict access later in the chapter, although a password is used 235
Please visit our professional web hosting services to find out about cheap and reliable webhost service that will surely answer all your demands.

PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY What this chapter covers: Understanding sessions Creating a file-based login system Setting a time limit for sessions Using sessions to keep track of information The Web is a brilliant illusion. When you visit a well-designed website, you get a great feeling of continuity, as though flipping through the pages of a book or a magazine. Everything fits together as a coherent entity. The reality is quite different. Each part of an individual page is stored and handled separately by the web server. Apart from needing to know where to send the relevant files, the server has no interest in who you are. Each time a PHP script runs, the variables exist only in the server s memory and are normally discarded as soon as the script finishes. Even variables in the $_POST and $_GET arrays have only a brief life span. Their value is passed once to the next script and then removed from memory unless you do something with it, such as store the information in a hidden form field. Even then, it persists only if the form is submitted. To get around these problems, PHP uses sessions. After briefly describing how sessions work, I ll show you how you can use session variables to create a simple file-based login system and pass information from one page to another without the need to use hidden form fields. What sessions are and how they work A session ensures continuity by storing a random identifier on the web server and on the visitor s computer (as a cookie). The web server uses the cookie to recognize that it s communicating with the same person (or, to be more precise, with the same computer). Figures 9-1 and 9-2 show the details of a simple session created in my local testing environment. As you can see from the left screenshot in Figure 9-1, the cookie stored in the browser is called PHPSESSID, and the content is a jumble of letters and numbers (it s actually a 32-digit hexadecimal number). A matching file, which contains the same jumble of letters and numbers as part of its filename, is created on the web server (shown on the right). Figure 9-1. PHP sessions store a unique identifier as a cookie in the browser (left) and on the server (right).
We would like to recommend you tested and proved virtual web hosting services, which you will surely find to be of great quality.

9 PAGES THAT REMEMBER: SIMPLE LOGIN AND MULTIPAGE FORMS
If you are in need for cheap and reliable webhost to host your website, we recommend http web server services.

PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY name to each file as it s uploaded. By placing move_uploaded_file() at this point, you can use the value of $name to generate a unique name for the uploaded file and its thumbnail. Rather than show you how to do it step by step, I ll just give you a few hints. The getNextFilename() function from the previous chapter automatically generates a new filename. It takes three arguments: the target folder (directory), the filename s prefix, and the file type. The target directory is UPLOAD_DIR, the filename s prefix is stored in $name, and the file type is stored in $type. However, $type is currently a number, so you need to convert it to a string. If you store the new name in $newName, you can use it in combination with basename() to build the name for the thumbnail so that the original image and thumbnail have the same number. Refer back to PHP Solution 4-3 for an explanation of how to use basename(). The changes involved are quite simple and involve fewer than 20 lines of code. The solution is in upload_both_new.php and create_both_new.inc.php in the download files. The new code is clearly marked and commented. Transferring your test files to a remote server If you have been testing these files locally, the only changes that you need to make when deploying them on a remote server are to the definitions of UPLOAD_DIR and THUMBS_DIR. Use a fully qualified path to each folder (directory). Don t forget that the necessary read, write, and execute permissions need to be set on the upload folders. Also make sure that the path to any include files reflects your site structure. Change the values of MAX_HEIGHT and MAX_WIDTH if you want the resized images to be larger or smaller than 120 90 pixels. Summary Although this is a relatively short chapter, it covers a lot of ground and brings together techniques from Chapters 4, 6, and 7, in combination with the PHP image manipulation functions. To get the most out of working with PHP, it s important to understand the flow of a script so that you can incorporate solutions from other scripts. It would be a major project to attempt to build from scratch a form that uploads an image, makes a scaled- down copy, and gives both of them new names. However, breaking the task down into discrete sections, as done here, makes it a lot easier. It also gives you the opportunity to reuse code from one project in another, saving time and effort. There are many other things you can do with the GD extension, including adding dynamic text to images and generating bar charts. For more details, take a look at Chapter 8 of PHP 5 Recipes: A Problem-Solution Approach by Lee Babin and others (Apress, ISBN: 1-59059-509-2).
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.

GENERATING THUMBNAIL IMAGES $result = ‘Problem uploading ‘.$_FILES[’image’][’name’].’; ‘; } // create an image resource for the original The new code moves the temporary upload file to the upload folder and saves it with its original name. The move_uploaded_file() function returns a Boolean true or false, so by assigning the result to $moved, you can tell whether the operation is successful. If it is, a suitable message is created, and the pathname of the uploaded file is reassigned to $original. This is very important, because move_uploaded_file() immediately discards the temporary uploaded file. So, from this point onward, the original file is now the one that has just been saved on the server. If $moved is false, there s no point in reassigning the value of $original, which still points to the temporary upload file. This means you still have a chance of creating the thumbnail, even if the main upload fails. I ve inserted the error control opera tor (@) in front of move_uploaded_file() to prevent the display of PHP error mes sages, so it s important to create a custom error message indicating what the problem is. 5. The outcome of the upload operation uses the same variable, $result, as the section of the script that creates the resized image, so you need to make sure that the second outcome is added to the first. Do this with the combined concatenation operator (.=) toward the end of the script, by inserting a period in front of the equal sign like this: if ($success) { $result .= “$thumb_name created”; } else { $result .= ‘Problem creating thumbnail’; } As it stands, the script gives you the chance to salvage at least part of the oper- ation if the main upload fails. If you don t want a thumbnail without the main image, move the last four lines of new code in step 4 immediately below the code in step 5. This brings the thumbnail creation script inside the first half of the conditional statement, so it runs only if $moved is true. 6. Save create_both.inc.php, and load upload_both.php into a browser. Test it by selecting an image on your local computer and clicking Upload. The original image should be copied to the upload_test folder and a scaled-down version to the thumbs subfolder. You may be wondering why I inserted the new code in step 4 in that particular location, because it doesn t really matter when you move the uploaded file, as long as the script can create an image resource from it. The answer is because the script currently overwrites existing images of the same name. For a really robust solution, you need to assign a unique 229
Note: If you are looking for cheap and reliable webhost to host and run your mysql application check mysql web server services.

PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY To understand what has happened, cast your mind back to Chapter 6. The switch statement checks the value of $_FILES[’image’][’error’]. If it s 0, it means that the upload succeeded. The original script moved the temporary upload file to its target destination. The include command simply replaces that part of the script with the code that creates the thumbnail. Further improvements You now have a powerful mini-application that automatically resizes images on upload, but what if you want to preserve the original image as well? Nothing could be simpler. The page containing the upload form already defines the upload folder as UPLOAD_DIR, so you simply need to move the temporary upload file (currently referred to as $original) with move_uploaded_file(). PHP Solution 8-4: Saving the uploaded original and scaled-down version Continue working with the same files. Alternatively, use create_thumb.inc.php and upload_thumb02.php from the download files. The finished scripts are in create_both.inc.php and upload_both.php. 1. Open upload_thumb.php and save a copy as upload_both.php. 2. In upload_both.php, locate the line that includes the script that creates the scaled- down image. It should be around line 35, and looks like this: include(’../includes/create_thumb.inc.php’); Change it like this and save the page: include(’../includes/create_both.inc.php’); 3. Open create_thumb.inc.php and save a copy in the includes folder as create_both.inc.php. 4. In create_both.inc.php, locate the section of code that strips the extension from the filename (around line 22), and insert the new code highlighted in bold: // strip the extension off the image filename $imagetypes = array(’/.gif$/’, ‘/.jpg$/’, ‘/.jpeg$/’, ‘/.png$/’); $name = preg_replace($imagetypes, ‘’, . basename($_FILES[’image’][’name’])); // move the temporary file to the upload folder $moved = @ move_uploaded_file($original, . UPLOAD_DIR.$_FILES[’image’][’name’]); if ($moved) { $result = $_FILES[’image’][’name’].’ successfully uploaded; ‘; $original = UPLOAD_DIR.$_FILES[’image’][’name’]; } else {
Visit our web design programs services for an affordable and reliable webhost to suit all your needs.

GENERATING THUMBNAIL IMAGES // move the file to the upload folder and rename it $success = move_uploaded_file($_FILES[’image’][’tmp_name’], . UPLOAD_DIR.$username.’/’.$file); } else { // get the date and time ini_set(’date.timezone’, ‘Europe/London’); $now = date(’Y-m-d-His’); $success = move_uploaded_file($_FILES[’image’][’tmp_name’], . UPLOAD_DIR.$username.’/’.$now.$file); } if ($success) { $result = “$file uploaded successfully”; } else { $result = “Error uploading $file. Please try again.”; } break; 7. Change it to this: if ($sizeOK && $typeOK) { switch($_FILES[’image’][’error’]) { case 0: include(’../includes/create_thumb.inc.php’); break; 8 That s it! Save upload_thumb.php and test it by selecting an image from your local file system: a scaled-down copy will be created in the thumbs subfolder of upload_test (see Figure 8-2). Check your code, if necessary, with create_thumb.inc.php and upload_test02.php in the download files. Figure 8-2. A 400 300 pixel image has been automatically resized and renamed on upload. 227
If you are looking for cheap and quality webhost to host and run your website check Jboss Web Hosting services.

PHP SOLUTIONS: DYNAMIC WEB DESIGN MADE EASY If you cast your mind back to Chapter 6, PHP stores an upload file in a temporary location until you move it to its target location. This temporary file is accessed using the tmp_name element of the $_FILES superglobal array and is discarded when the script ends. Instead of moving the temporary file to the upload folder, you can adapt the script in create_thumb.inc.php to resize the image, and save the scaled-down version instead. 3. The form in upload.php uses image as the name attribute of the file upload field, so the original image (referred to as $original) is now in $_FILES[’image’][’tmp_name’]. Change the opening section of the code like this (new code is in bold): // define constants define(’THUMBS_DIR’, ‘C:/upload_test/thumbs/’); define(’MAX_WIDTH’, 120); define(’MAX_HEIGHT’, 90); // process the uploaded image if (is_uploaded_file($_FILES[’image’][’tmp_name’])) { $original = $_FILES[’image’][’tmp_name’]; // begin by getting the details of the original list($width, $height, $type) = getimagesize($original); This removes the definition of SOURCE_DIR, which is no longer needed, and simplifies the original if… else statements at the beginning of the script. The code in upload.php takes care of checking that a file has been selected, so all that s needed here is to use is_uploaded_file() to check that the temporary file is a genuine upload and to assign it to $original. If you ever had any doubts, this should convince you just how useful variables are. From this point on, the script treats the temporary upload file in exactly the same way as a file already on the server. The remaining steps also demonstrate the value of recycling code. 4. Save create_thumb.inc.php. The rest of the changes are made in the upload file. 5. Open upload.php from Chapter 6 and save it as upload_thumb.php. 6. Locate the following section of code in upload_thumb.php (it should be around lines 32 through 60): if ($sizeOK && $typeOK) { switch($_FILES[’image’][’error’]) { case 0: // $username would normally come from a session variable $username = ‘davidp’; // if the user’s subfolder doesn’t exist yet, create it if (!is_dir(UPLOAD_DIR.$username)) { mkdir(UPLOAD_DIR.$username); } // check if a file of the same name has been uploaded if (!file_exists(UPLOAD_DIR.$username.’/’.$file)) {
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.

GENERATING THUMBNAIL IMAGES $result = ‘Problem copying original’; } else { // calculate the dimensions of the thumbnail $thumb_width = round($width * $ratio); $thumb_height = round($height * $ratio); // create an image resource for the thumbnail $thumb = imagecreatetruecolor($thumb_width, $thumb_height); // create the resized copy imagecopyresampled($thumb, $source, 0, 0, 0, 0, $thumb_width, . $thumb_height, $width, $height); // save the resized copy switch($type) { case 1: if (function_exists(’imagegif’)) { $success = imagegif($thumb, THUMBS_DIR.$name.’_thb.gif’); $thumb_name = $name.’_thb.gif’; } else { $success = imagejpeg($thumb, THUMBS_DIR.$name.’_thb.jpg’,50); $thumb_name = $name.’_thb.jpg’; } break; case 2: $success = imagejpeg($thumb, THUMBS_DIR.$name.’_thb.jpg’, 100); $thumb_name = $name.’_thb.jpg’; break; case 3: $success = imagepng($thumb, THUMBS_DIR.$name.’_thb.png’); $thumb_name = $name.’_thb.png’; } if ($success) { $result = “$thumb_name created”; } else { $result = ‘Problem creating thumbnail’; } // remove the image resources from memory imagedestroy($source); imagedestroy($thumb); } } ?> As the script now stands, it looks for the name of an image submitted from a form as $_POST[’pix’], and located on the server in whatever you have defined as SOURCE_DIR. To create a thumbnail from an uploaded image, you need to adapt the script so that it processes the temporary upload file. 225
We would like to recommend you tested and proved virtual web hosting services, which you will surely find to be of great quality.