Jump to content
BrainPill

get session cookie value from the browser

Recommended Posts

 

If I make a session cookie en store this in the database and I want to compare this database value with the value in the browser of the client, which kind of code do I need then to read the session cookie from the browser ?

It is for a visitor counter. I don't know where to start exactly. Are there more possibilities? When I google it I get SE results telling that I have to use request headers in combination with CURL. I am not really familiar with it, so what is the best set up?

I am building a visitor counter and besides ip number I would like to use a unique session_id alphanumeric that lasts until the user removes the cookie. Assuming this is the proper procedure I would like to figure out how it works and what code is used. Or is there an easier way to do this? 

 

 

Edited by BrainPill

Share this post


Link to post
Share on other sites
1 hour ago, dsonesuk said:

A session or cookie? They are not the same. The session when set lasts until the browser is closed and not stored on the users device. A cookie holds data and is stored on the user device until a set expiry date.

You should use $_SESSIONS

https://www.w3schools.com/php/php_sessions.asp

 

Sorry I do not get it. Do you try to say that I need $_SESSION variables to make a website visitor unique? 

I suppose it is possible to store a user_id in a session var called $_SESSION['user_id'] = '12345abc'; but are you trying to say this is the proper solution for tracking website visitors?

If an ipnumber has multiple devices connected to this single ipaddress I will not be able to distinguish them correctly. 

My assumption is that a browser cookie gives that possibility and for that reason I want to extract them.

 

Share this post


Link to post
Share on other sites

No! that stores the unique alphanumeric id associated to a specific user. Normally with these visitor counters, the minimum you would do is gather the ip_address and the date they visited and store that against a specific database unique id. Depending how in depth you want to go, the session could store the pages that user had visited to the id of that user stored in the database.

A simple visitor counter 

https://www.youtube.com/watch?v=OfewMoH0RnA

Share this post


Link to post
Share on other sites

that lasts until the user removes the cookie

Just to get your terminology right, that's not a session cookie.  A session cookie is a cookie with an expiration of 0, which the browser removes when you close the window.  If you want to see what the browser has saved, in the Firefox developer tools, for example, there is a Storage tab where you can see things like the cache, cookies, local databases, etc.  In the list of cookies, if the "Expires On" column says "Session", then that's a session cookie.  A cookie with an expiration date is not a session cookie. 

If you want a cookie which stays until removed by the user, set an expiration date far in the future.  You can also use localStorage to store the same information.  Many websites do that, if you set cookies or localStorage then you can ensure that you're tracking individual web browsers instead of something more vague like entire IP addresses.  Many sites that don't necessarily require a login store any individual user preferences in cookies.  Otherwise, if a user is logged in then the site will usually use a database.

Using the PHP session to track users works fine as long as you only care about saving data for that individual website visit.  If you want the data to still be there the next time they visit, don't use the session, use cookies or localStorage.

Also, there are ways to try to "fingerprint" a browser so that you can more accurately determine if they are unique, but again in a large organization with tight group policies, all of the browsers might be the same.  But Javascript will expose a lot of information about a browser that you can use to try to determine if this is a new unique browser or not.  You can learn more about that here:

https://amiunique.org

https://panopticlick.eff.org

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×