Phalcon - Cookie Management
Cookies, also known as browser cookies, are small text files stored in the browser. They save information related to user identity. This information is used to validate users as they browse through different pages.
There are two different types of Cookies −
Session Cookies − This type of cookie stays in the browser and retains information until the browser is closed. As soon as the browser is opened again, it is treated as a new session for the same user.
Persistent Cookies − This type of cookie has a stipulated lifespan and remains in the browser for that lifespan. Websites that use persistent cookies keep track of each and every user, even if the browser is closed by the user.
Let us now discuss how cookies work in Phalcon.
Cookies in Phalcon
Phalcon uses Phalcon\Http\Response\Cookies as a global storage for cookies. Cookies are stored in Phalcon while sending a request to the server.
Following is the syntax for setting up a Cookie −
$this->cookies->set( "<cookie-name>", "<cookie-value>", time );
Consider the following example. Using the following code, we will create a cookie for the user when the user logs in to the web application.
<?php

class UsersController extends Phalcon\Mvc\Controller
{
    public function indexAction()
    {
        if ($this->cookies->has("login-action")) {
            // Get the cookie
            $loginCookie = $this->cookies->get("login-action");

            // Get the cookie's value
            $value = $loginCookie->getValue();
            echo($value);
        }

        // Set the cookie with a lifetime of 15 days
        $this->cookies->set(
            "login-action",
            "abc",
            time() + 15 * 86400
        );
    }
}
The encrypted cookies will be displayed as output.
Description
Cookie named “login-action” has been created with value “abc”.
The method “indexAction” checks whether the cookie exists and prints the value accordingly.
Encryption of Cookies
Cookies in Phalcon are encrypted before being sent to the server as a request and decrypted as soon as we get an appropriate response from the server. This assures security of the authorized users.
It is always suggested to avoid storing sensitive data in cookies, despite the functionality of encryption and decryption. The configuration for encryption of cookies is included in the services.php file.
use Phalcon\Crypt;
use Phalcon\Http\Response\Cookies;

/**
 * Enable encryption for the values of cookies
 */
$di->set(
    "cookies",
    function () {
        $cookies = new Cookies();
        // true encrypts cookie values; false would send them in plain text
        $cookies->useEncryption(true);
        return $cookies;
    }
);

/**
 * Set encryption key
 */
$di->set(
    "crypt",
    function () {
        $crypt = new Crypt();
        // The key must be a quoted string; single quotes keep "$" literal
        $crypt->setKey('AED@!sft56$'); // Use a unique Key!
        return $crypt;
    }
);
Note −
It is always suggested to use encryption while sending cookies to the server.
If encryption is not used, the application's internals will be exposed to the attacker.
It is also recommended to store only small data and literals in cookies.
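The advice above to keep sensitive data out of cookies and to store only small values can be followed by putting a random token in the cookie and keeping the user record on the server. The code below is an added example, not part of the original tutorial or of Phalcon itself; the $store array and both function names are assumptions made for the illustration.

```php
<?php
// Added example, not from the original tutorial. $store is a constructed
// in-memory stand-in for a database table; function names are hypothetical.

/** Create a random token, record only its SHA-256 hash server-side, return the token. */
function issueLoginToken(array &$store, int $userId, int $lifetime): string
{
    $token = bin2hex(random_bytes(32));   // 64 hex characters, no user data inside
    $store[hash('sha256', $token)] = [
        'user_id' => $userId,
        'expires' => time() + $lifetime,
    ];
    return $token;
}

/** Map a cookie value back to a user id, or null if malformed, unknown or expired. */
function resolveLoginToken(array &$store, string $cookieValue): ?int
{
    if (!preg_match('/\A[0-9a-f]{64}\z/', $cookieValue)) {
        return null;                      // not shaped like a token we issued
    }
    $key = hash('sha256', $cookieValue);
    if (!isset($store[$key])) {
        return null;                      // never issued, or already revoked
    }
    if ($store[$key]['expires'] < time()) {
        unset($store[$key]);              // expired: drop the server-side record
        return null;
    }
    return $store[$key]['user_id'];
}

// Constructed demo data
$store    = [];
$lifetime = 15 * 86400;                   // same 15-day lifetime as the tutorial's cookie
$token    = issueLoginToken($store, 42, $lifetime);

// Inside a Phalcon controller, send the token with the Secure and HttpOnly flags
// (argument order: name, value, expire, path, secure, domain, httpOnly):
// $this->cookies->set("login-action", $token, time() + $lifetime, "/", true, null, true);

var_dump(resolveLoginToken($store, $token));               // token issued above
var_dump(resolveLoginToken($store, str_repeat('0', 64)));  // well-formed but unknown
var_dump(resolveLoginToken($store, 'abc'));                // malformed value
```

Because only the hash of the token is stored, a leaked copy of the server-side table does not reveal usable cookie values, and deleting a record revokes the cookie immediately.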