BrainPill Posted October 19, 2018 Share Posted October 19, 2018 (edited) If I make a session cookie en store this in the database and I want to compare this database value with the value in the browser of the client, which kind of code do I need then to read the session cookie from the browser ? It is for a visitor counter. I don't know where to start exactly. Are there more possibilities? When I google it I get SE results telling that I have to use request headers in combination with CURL. I am not really familiar with it, so what is the best set up? I am building a visitor counter and besides ip number I would like to use a unique session_id alphanumeric that lasts until the user removes the cookie. Assuming this is the proper procedure I would like to figure out how it works and what code is used. Or is there an easier way to do this? Edited October 19, 2018 by BrainPill Link to comment Share on other sites More sharing options...
dsonesuk Posted October 19, 2018 Share Posted October 19, 2018 A session or cookie? They are not the same. The session when set lasts until the browser is closed and not stored on the users device. A cookie holds data and is stored on the user device until a set expiry date. You should use $_SESSIONS https://www.w3schools.com/php/php_sessions.asp Link to comment Share on other sites More sharing options...
BrainPill Posted October 19, 2018 Author Share Posted October 19, 2018 1 hour ago, dsonesuk said: A session or cookie? They are not the same. The session when set lasts until the browser is closed and not stored on the users device. A cookie holds data and is stored on the user device until a set expiry date. You should use $_SESSIONS https://www.w3schools.com/php/php_sessions.asp Sorry I do not get it. Do you try to say that I need $_SESSION variables to make a website visitor unique? I suppose it is possible to store a user_id in a session var called $_SESSION['user_id'] = '12345abc'; but are you trying to say this is the proper solution for tracking website visitors? If an ipnumber has multiple devices connected to this single ipaddress I will not be able to distinguish them correctly. My assumption is that a browser cookie gives that possibility and for that reason I want to extract them. Link to comment Share on other sites More sharing options...
dsonesuk Posted October 19, 2018 Share Posted October 19, 2018 No! that stores the unique alphanumeric id associated to a specific user. Normally with these visitor counters, the minimum you would do is gather the ip_address and the date they visited and store that against a specific database unique id. Depending how in depth you want to go, the session could store the pages that user had visited to the id of that user stored in the database. A simple visitor counter https://www.youtube.com/watch?v=OfewMoH0RnA Link to comment Share on other sites More sharing options...
justsomeguy Posted October 19, 2018 Share Posted October 19, 2018 that lasts until the user removes the cookie Just to get your terminology right, that's not a session cookie. A session cookie is a cookie with an expiration of 0, which the browser removes when you close the window. If you want to see what the browser has saved, in the Firefox developer tools, for example, there is a Storage tab where you can see things like the cache, cookies, local databases, etc. In the list of cookies, if the "Expires On" column says "Session", then that's a session cookie. A cookie with an expiration date is not a session cookie. If you want a cookie which stays until removed by the user, set an expiration date far in the future. You can also use localStorage to store the same information. Many websites do that, if you set cookies or localStorage then you can ensure that you're tracking individual web browsers instead of something more vague like entire IP addresses. Many sites that don't necessarily require a login store any individual user preferences in cookies. Otherwise, if a user is logged in then the site will usually use a database. Using the PHP session to track users works fine as long as you only care about saving data for that individual website visit. If you want the data to still be there the next time they visit, don't use the session, use cookies or localStorage. Also, there are ways to try to "fingerprint" a browser so that you can more accurately determine if they are unique, but again in a large organization with tight group policies, all of the browsers might be the same. But Javascript will expose a lot of information about a browser that you can use to try to determine if this is a new unique browser or not. You can learn more about that here: https://amiunique.org https://panopticlick.eff.org 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now