Be a Supporter!

Php: Storing Cookie Info

  • 1,687 Views
  • 3 Replies
New Topic Respond to this Topic
Jams44
Jams44
  • Member since: Nov. 8, 2004
  • Offline.
Forum Stats
Member
Level 07
Blank Slate
Php: Storing Cookie Info Feb. 2nd, 2006 @ 02:54 PM Reply

PHP: Main

First of all, the would be classified as part two of my first tutorial, so if you have not read it, please visit it now- PHP: Setting and Returning Cookies
If you have read the first part, then congratulations on learning the basics of cookies. In the last tutorial I did not go in depth into the different parts of a cookie, just the basic name, value, and expiration date. In this tutorial we will cover the VALUES of cookie. Values are information stored on your computer when cookies are set (along with the cookie name & origin). How can the value in a cookie help you. Well, by setting info in cookies it allows your website to become more personal with your member, without having to constantly retrieve data b ut simply by setting a distinct ID to allow certain restrictions to what the person can and cannot do. Let's get started.
The best example would be a login (again)

<? ///let's start with our PHP tag

Next we will retrieve info from the cookie, as much as this may seem out of order, you must check to see if any info has been stored before you try and set it.

if ( isset($_COOKIE['user'])) { ///If a cookie with a name of "user" has been set...
echo $_COOKIE['user']; ///Display the values of the cookie
} ///End Action

Now that we have checked to see if their was any dta already stored, let's do the next step if there wasn't any found.

else{ ///If above data wasn't found then...
?> /// Closing PHP tag because we will be using HTML

Instead of repeating the last tutorial and Greeley's login tutorial, we will just do a basic name login. So we must create a form that allows the user to enter their name that will be later repeated to them (as if they don't know their name already). Also notice how for the action of the form I used $_SERVER['PHP_SELF'], I only do thios because my serer is screwy, both this way and leaving the action blank will run the script below the form.

<form name="login" method="post" action="<? $_SERVER['PHP_SELF'] ?>">
<p class="style1">What is Your Name?: <input type="text" name="data">
<input name="submit" type="submit" value="Remember My Name!">
</form>

Now that we have the form, we need to create the action so...
<? ///PHP tag again
if ( isset($_POST['data']) ) {
//We don't want the script running unless the user hits SUBMIT
$data = $POST['data']; ///Setting a variable for the information given by the user
setcookie("user", $data); ///We want to name our cookie "user" because at the beginning we try and retirve the "user" cookie. We also set the Value as $data which remember was the info given by the user in the form.
Now let's refresh the page so...

header ($_SERVER['PHP_SELF']); ///Go To Current Page or REFRESH
}} ///One for closing the else{} at the top and one for the if action
?> ///and finally the closing tags

Now if this script is done correctly the end product will be the info being displayed. Hopefully in the futur, this will help you retrieve data for certain users form the database (ex. $username = $_COOKIE['user']
than maybe a mysql query...
SELECT * FROM $usename
Anyways I am just bantering on, i hope i wasn't to redundant in the tutorial but enjoy!!

-Created by Jams44 for PHP: Main

EviLDoG
EviLDoG
  • Member since: Oct. 18, 2000
  • Offline.
Forum Stats
Member
Level 12
Blank Slate
Response to Php: Storing Cookie Info Feb. 3rd, 2006 @ 06:31 PM Reply

I would like to see someone discuss the disadvantages of cookies, like:

People can manipulate them by editing the cookie file on their computer.
Even though they are set in PHP, they can be displayed using javascript, opening alot of flaws if you set usernames and passwords in the cookies.
Some people don't allow their computer to set cookies.

Afro-Ninja
Afro-Ninja
  • Member since: Mar. 2, 2002
  • Offline.
Forum Stats
Moderator
Level 44
Game Developer
Response to Php: Storing Cookie Info Feb. 3rd, 2006 @ 06:41 PM Reply

At 2/3/06 06:31 PM, EviLDoG wrote: I would like to see someone discuss the disadvantages of cookies, like:

People can manipulate them by editing the cookie file on their computer.

Just make a function that checks the integrity of the cookie. If what they put in the cookie doesn't match what their login is, delete it

Some people don't allow their computer to set cookies.

sessions are saved partially with cookies. If someone has cookies disabled the session id is stored in the page url, which is also insecure if you ask me (can someone verify this? I'm pretty sure that's how it works)

But should we allow this to spiral into a cookies vs sessions topic? If anyone would like to continue or revive this debate, bring it up here:

http://newgrounds.co../topic.php?id=342201


BBS Signature
EviLDoG
EviLDoG
  • Member since: Oct. 18, 2000
  • Offline.
Forum Stats
Member
Level 12
Blank Slate
Response to Php: Storing Cookie Info Feb. 3rd, 2006 @ 06:50 PM Reply

Well, you could build your own session system which uses the users ip (But that also has its flaws)

And by the manipulation, i meant any data you enter could be manipulated, it's not exactly a security threat but it's still something which isn't really needed.

I weren't saying cookies are bad, i was saying they had flaws if not used properly.