Brainstorming for a feature right now, looking for advice and tips.
If this is possible to do, I would like to have a search bar save what the user has written and save the search (if there are results found) as a cookie. There will be up to three searches saved where the newest one that is accepted replaces the oldest one. My concern is that am I able to save these search cookies uniquely on every user account?
My plan is the following:
User searches
check if the search yields results.
save as cookie if a search is successful
Display on website
the purpose of the cookie is to show a product in our site homepage based on the searches
Save on individual accounts
the cookies used here should not transfer outside the account used at that time, if a new user logs
in, there will be no cookies.
if a user that searches logs back, the previous cookies will still be present and display products
accordingly.
My thoughts are this will be similar to my remember me login cookies that saves them with:
setcookie ("login_email",$_POST["email"],time()+ 3600);
setcookie ("login_password",$_POST["password"],time()+ 3600);
The website where is is going to be made is using PHP.
I would like some advice on what logic should I use on the code, thank you for reading and looking forward to any responses.
Related
I need to know if a user visited the webpage by clicking on a link from the same website. I can use $_SERVER['HTTP_REFERER'] and check if the domain is the same. But HTTP_REFERER is not always set.
I must detect the difference between visiting a page via own website and coming from an external website (or direct visit). This must be able over and over again, meaning that if a user leaves the site and come back through a search result, I again must be able to detect this.
I thought about setting a session, but than I can't detect a second visit within the session lifetime. Also don't see an option for setting a cookie.
What other options do I have?
I think you should use Database(MySQL) to save the HTTP_REFERER each time for every visit from a specific IP and for a particular date.
You can check the time difference between the two records (like in some minutes) that an IP has accessed and can get the records if a user leaves and come back again to the website. This way you can track the logs for each visitor like how many times a visitor access the website.
Hope this way you can manage the desired output for your application.
I want to show different home page when user visit every time my site, means new html page on every new visit or repeat visit.
When user open a site the first time he/she see x.html next time y.html next z.html and so on.
Please help me
You may use cookies to store information on user (client) side that he/she has already visited your site. Please refer to: http://php.net/manual/en/features.cookies.php for info about cookies in PHP. It requires that user accepts cookies in the browser. In the cookie you may keep info about already seen pages.
Yet another way is to store such information on server side but it may be risky because it is not obvious how to identify unique user on server side (combination of IP + browser - may not always work - users from the same private network may provide the same externally visible IP).
The last solution that comes to my mind is to force user to login to your page. Then, upon login, you may count a number of times the given user (identified by username) has been on your page and provide diffent page each time.
Create a script that will choose a different page at random.
Store the pages in an array
$pages = array('page1.php','page2.php','page3.php');
Get random number
$rand = mt_rand(0,2);
Use that random number to choose page from array
$rand_page = $pages[$rand];
Then show the page to the user
include($rand_page);
I need to know if there is an user logged in my website. For this purpose, I have only his session ID.
I got this id using: session->getId();
¿Is it possible?
Thanks in advance.
add a custom field to the session when the user logs in and then just check that field
Given that the web is essentially stateless, it is hard to know for sure if a particular user is logged onto a website.
One way to accomplish your goal is to keep a running log of all the users logged in, and the last visit time. Then you could query that log and if the users last visit time was less than 5 minutes ago, you could then say the user is logged onto your site. This will only tell you if the user is logged into your site, not if your site is the active tab in their browser.
Another way to get more "real-time" information as to the the active users of your site is to use something like SignalR which will allow you to do push to the browser. I've used SignalR in the past to send out system status messages to the browser and have it automatically update the page. The great thing about SignalR is it maintains an in-memory list of all the clients connected.
It is the most easiest to describe my problem with a working example: even if you are not logged in, YouTube remembers what you have watched, and next time gives you suggestions based on previous watched movies.
My site is similar in a way: the users can vote on articles without logging in, and the site remembers votes with cookies. I have figured out a working method, but there has to be an easier way - also now the DB usage is anything but optimized.
For every visitor there is a check if he has the cookies. If yes I query his votes. If not I create a dummy user, and send him out the cookies. Now I store this users "last_visit" timestamp. After this everything is the same for both users. My problem is that my DB is filling up with dummy users, so I made my cookies expire in 3 months and my site regularly check which users didn't visit my site in the last 3 months, and deletes them from the DB.
I know I overcomplicated this, but my vote system is using AJAX, and I couldn't find a method to send out a cookie (and create the dummy user) only if a vote happens and not every time a simple visitor browses my site - without vote.
Also a note: I insist on using cookies - I know it would be easier to store IP-s when a vote happens, but there are schools, businesses using the same IP, and I like to allow their users to use my site.
What did I miss here? How can this be optimized?
if they do not hold a permanent account, why store anything related to them in the database at all? just record their prior votes in the cookie. you would also store averall votes in the db, but anonymously, and not relate these to "users" at all.
I am just starting to learn about web development and something has been niggling me for a while now, How a website controls what you can access and cannot access.
For example, a website like Facebook. When i first go to the site, it presents a login form, once i am logged the same page that i tried to access before now shows information relevant to me that i could only access once logged in, i can navigate to a different site and then comeback to google and it still allows me to use if without logging on again.
How exactly would a site block someone trying to access a particular page when they are not logged in, lets say the page viewProfile.php. How does the website know who to allow access to this page?
I realise this question may seem confusing and elementary but its just a something that came to me whilst viewing facebook.
Thanks.
This is a very simple concept called sessions.
When you visit facebook, it reads unique information sent to it via the connection such as IP address, browser, and some other minor information, when this information is combined it creates a unique identifier.
this unique identifier is then stored in a file like so:
d131dd02c5e6eec4693d9a0698aff95c.session
So when you login with your credentials there application add's information into this file such as last activity etc.
When you go away and come back, facebook will then read the information that's sent with every requests, it then add's it all together and creates a unique hash, if this hash exists within it's storage system it will open it up and read the contents, and know exactly who you are.
all this is combined with cookies, the unique hash is sent back to the browser and stored in your cookies folder, this cookie file is sent back to facebook with every request.
PHP Handles this for you internally so it's pretty basic to get it up and running: http://php.net/manual/en/features.sessions.php
Here's an example that may help you understand the concept a little more.
<?php
/*
* The session_start generates that hash and send a cookie to the browser
* This has to be first as you can only send cookie information before any content
*/
session_start();
/*
* Anything storeg within $_SESSION is what's been read from the session file and
* We check to see if the information has already been set on the first time the user
* visited the site
*/
if(!isset($_SESSION['hits']))
{
$_SESSION['hits'] = 0;
}
/*
* Now we increment the value every time the page is laoded
*/
$_SESSION['hits']++;
/*
* now we display the amount's of hits the user has loaded the page.
*/
echo 'You have vistited this site <strong>' . $_SESSION['hits'] . '</strong> times.';
?>
if you load this page and then hit F5, the session value get's incremented every request so you should see something like:
You have vistited this site 1 times.
You have vistited this site 2 times.
You have vistited this site 3 times.
You have vistited this site 4 times.
...
The session file is unique to each person visiting, thus meaning that when using the session variable in PHP it would be to that user only, so everyone get's there own individual session.
as your researching it's goods to search StackOverflow for certain tags, such as PHP and sessions.
https://stackoverflow.com/questions/tagged/php+session
Here's a good question in regards to cookies and sessions advantages etc.
Purpose Of PHP Sessions and Cookies and Their Differences
A website uses something called a "cookie" to store information on your computer.
This information can hold any text string, but in this case it is probably a unique ID that Facebook knows (probably stored in a database somewhere) is tied to a certain user. Cookies can only be read by the website that sent them and by the browser itself.
The login page sends a POST/GET request to a script that generally checks the username/password combo against data in a database a database. If the data is found to be valid, then the user is granted access to the websites landing page (the page after login) and a cookie is stored. If it is not, they are sent back with a error message.
Cookies can also have a "lifespan". This lifespan can be anything: for a certain amount of seconds; until you leave the site; until you close your browser; or forever (there are probably more.)
The website that sent a cookie can also delete a cookie before it expires. This is how most "logout" buttons work.
To allow only logged in users to view content you can first check for a sign that they are logged in, such as look for an active session and that it has a flag which tells you they're logged in ( which you control ). In PHP at the top of a page you can simply:
<?php session_start();
if(!isset($_SESSION['loggedin'])){
header('Location: http://example.com/login.php');
}
?>
which will redirect non logged in users to a login page. Upon success login, you should set $_SESSION['loggedin'] to a value.
To check whether a person who is logged in is allowed view a particular profile is down to looking up where the page is restricted to friends only, and if so, checking that the loggedin user's id is in the profile owner's friend field in the DB.
It is done with cookies. When you log in, the site puts a cookie into your browser for a set amount of time (generally a very long time so that you can stayed logged in). When you access the site again, your browser sends the cookie back to the site (and the site sets a fresh cookie). In any browser, you can find the list of cookies somewhere in the options.
If you want to know more about cookies, you can read the wikipedia: http://en.wikipedia.org/wiki/HTTP_cookie
Do a Google search for "Session Management."
Summary
when you login to a site you get a unique id. That id pulls your data from the database and then populates a dynamic page, like viewProfile.php with your data. So each user pulls the same file, viewProfile.php, but gets different results based on their unique id.