Gain insights into modern PHP by delving into POST requests, forms, sessions, and redirects to build a CRUD app with authentication, focusing on pure PHP without frameworks.

Learn PHP Without a Framework by Matthias Noback.png

php-setup.tar.gz

php-job

php-favi

php-pub

php-public

php-error

php-mult

php-tests

PHP for the Web is a terrific introduction on how to use modern PHP effectively. While there is a lot of material out there about building applications with PHP, most of them focus on using a framework like Laravel or Symfony. By working with pure PHP, you will be able to focus on the core ideas instead of how a particular framework implements them.

In this course, you will learn how to use multiple web technologies like POST requests, forms, sessions, and redirects to build a CRUD application with an authentication system.

By the end, you will have all the ingredients at your disposal to go out and build stunning, dynamic PHP web applications.

PHP for the Web: Learn PHP without a Framework

**Manipulation and visibility of cookie content**

We saw how you can use cookies to pass data between requests.
We ended with a warning that cookies can be manipulated, because they are headers, so they can't really be trusted.
Another security aspect is that the contents of cookies are visible.
Both of these aspects of cookies make them unsuitable for sensitive information, or information that only you as the programmer should be able to manipulate.


&nbsp;<img src="/udata/zVqza72o2xj/Thumbs Up.png" loading="lazy" height=120; width=120; />

**Sessions come to rescue**

For situations where using a cookie isn't a good idea, but you still want to keep some kind of information between requests, you can use a *session*.
Cookie data is managed by the browser, session data is managed by the server.
This gives you full control over the data, and prevents it from being visible elsewhere or being manipulated without you knowing.
Let's see how this works.

# Starting the session
We are going to rewrite the `name.php` script to store the user's name in the session, not in a cookie.
The first thing we should do in the script is start the session using the [`session_start()`](https://www.php.net/session_start) function.
Session data should be saved in a superglobal variable called `$_SESSION`, which is an associative `array`.
In this case, we assign the value of `$_POST['name']` to `$_SESSION['name']`:

Let's see how to use sessions for storing user information. 

Getting Started

Serving Resources

Serving PHP Scripts

Forms

Cookies

Sessions

Authentication

PHP Project Structure

CRUD Part 1: Create

CRUD Part 2: The Rest

File Uploads

Error Handling

Automated Testing

Conclusion

Using Sessions for Storing User Data

Sessions vs. cookies

Starting the session