Cookies Management in PHP

Zia

2 Followers

Follow

Apr 5, 2024

-

1 sec read

361

0

0

0

Websites store user information in databases to maintain track of their visits. However, there can be users who do not register with a Website but frequently visit the Website. Cookies enable Websites to store user information. One of the uses of cookies is to store information about such visitors. PHP supports HTTP cookies.

Introducing a Cookie

HTTP is a stateless protocol because the execution of the current command is completed without the knowledge of commands that came before it. When a Web browser requests a static Web page, the server completes the request by sending the required file. This process does not involve any interaction with the user. The user simply clicks hyperlinks on the website and accesses the Web page containing the content. Transfer of static data from the Web server to the Web browser.

For dynamic Web pages that require user interaction, scripting languages such as JavaScript, PHP, and Active Server Pages(ASP) are used. Dynamic Web pages accept information from the user and record it for further processing.

For example, in an online shopping Website, the user navigates through the Website, and products purchased by the user are added to the Web Brew shopping cart. On completion of the order, the Website prompts the user to enter transaction details for order confirmation and delivery. Transfer of dynamic Web pages.

There can be two types of data and Cookies respectively on Websites.

Websites store two types of data and they are as follows:-

• Temporary - Temporary information is stored in cookies for a stipulated period.
• Permanent - Permanent data is stored in cookies for a certain period and then the required information is saved in the database.
  
  

Websites Use two types of cookies and they are as follows:-

• Persistent - Exist in the Webbrowser for a period specified at the time of its creation.
• Non-persistent - Deleted from the web browser as soon as the user exits the browser.
  
  

For example, on an online shopping Website, a user selects a few products and adds them to a shopping cart. The user then navigates to the next page and selects additional products. In such a situation, user information needs to be stored before the user navigates to the next page. Although the user has not completed the transaction, the Website stores the data in a temporary variable called a cookie. Temporary data is stored in a cookie.
 
When the order is canceled, the product added to the cart is no longer needed by the Web server and Web browser. Such temporary data stored in the cookie is deleted as soon as the order is canceled or the Web browser is closed. Deletion of temporary cookie when order is canceled.

When the user places an order, he/she enters transaction information, such as name, address, and credit card details on the order confirmation. Such confidential information is stored in the hard drive of the client. However, when the User cancels the order, the cookie containing the confidential information is deleted.

websites use cookies to determine the following:

• Number of times the user has visited the Website
• Number of new visitors
• Number of regular users
• Frequency of a user visiting the Website
• The date on which the user had last visited the Website
• Customized web page settings for a User
  
  

When a user visits the Website for the first time, the Web server creates a unique ID and sends the ID in the cookie to the web browser. The browser stores the cookie and sends it back to the Website in subsequent requests. The Web server can read the information stored in the cookie only when it is related to the Website. The life of a cookie depends on the expiration time and date. The cookie is stored on the hard disk of the user's computer. This enables the Website to keep track of the user visiting the Website. The information about the user is generally stored in the name-value pairWeb servers and Web browsers send cookies to each other in HTTP headers. The Web server sends the cookie to the browser in the set-cookie header field. This field is a part of the HTTP response. The Web browser stores the cookie and uses the same in subsequent requests to the same Web server.

Sessions in PHP | $_SESSION part 1 | PHP tutorial class-11 in اردو/हिन्दी:

Setting a Cookie

Cookies incorporate HTTP request and response headers. Setting a cookie is sending the cookie to the browser. PHP uses two functions, setcookie() and setrawcookie() to set a cookie. programming prefers using setcookie () function because the setrawcookie() function sends a cookie without encoding the cookie value. The setcookie() function generates a cookie header field that is sent along with the rest of the header information.

• Name - defines the name of the cookie. these are mandatory attributes.
• Value - defines the value of the cookie that is stored on the client system. this is also a mandatory attribute.
• Expiry date - defines the date and time (UNIX timestamp) when the cookie will expire. The cookie is not used once the expiry date is reached. This is an optional attribute.
• Path - defines the location on the server where the cookie will be stored. It specifies the upset of the URLs present in the domain where the cookie is applicable. If the path attribute is not specified in the setcookie() function, the path of the document present in the header is taken.
• Domain - defines the domain name where the cookie is made available.
• Secure - defines the type of HTTP connection that the cookie will pass through.
  
  

When the cookie is set, the value is automatically encoded in the URL, When the script retrieves a cookie, it automatically decodes the value from the URL. PHP executes codes In a specific sequence. HTTP headers are executed before the scripts. cookies are a part of the HTTP header. There can be more than one cookie in the header, but it should relate to the same domain or website.

Retrieving Cookie in PHP

Cookies are useful only when the Web server can retrieve the information from them. The cookie is available only when the next page is reloaded. The Web browser matches the URL against a list of all the cookies present on the client system. If the Web browser finds a match, a line containing the name-value pairs of the matched cookie is included in the HTTP header.

The document that created the cookie can access it. All documents that are present in the same directory can also access the cookie. The documents outside the directory need to include the path or the domain name of the cookie to access the cookie. PHP provides three ways of retrieving a cookie value and they are as follows:

• Passing a variable as the cookie name - To retrieve the cookie value, use the variable as the cookie name. The following code snippet displays a cookie value:
  echo $cookie name;
  
  This method of retrieving the cookie value is not recommended. This is because PHP will start searching all the variables present in the client system. The register globals option must be enabled in the configuration file to use this method to retrieve cookie value.
  
  
• Using $_COOKIE array - PHP Uses cookie name as a Variable to retrieve the cookie Value. PHP can also use an associative array called $_COOKIE to retrieve the cookie value. The $_COOKIE is a global variable that reads the value of the cookie. The name of the cookie must be passed as the key to the $_COOKIE array.
  
  
• An example of this is shown as follows:
  echo $_COOKIE ($cookie_name ];
  
  This is more reliable and faster than retrieving the cookie value through a variable.
  
  
• Using $_COOKIE[ ] variable - You can also use the following to retrieve the cookie value:
  $_COOKIE ['$cookie name'];
  
  This method of retrieving the cookie value is recommended and considered the best method. It is also known to be simpler and more secure than using the deprecated $HTTP_COOKIE_VARS [ ] associative array.
  
  
  

Deleting a Cookie

Cookies can be deleted automatically or manually. There are two ways to delete a cookie, which are as follows:

• Resetting the expiry time of the cookie to a time in the past
• Resetting a cookie by specifying the name of the cookie
  
  

When a cookie is created that has the same name and time as an existing cookie, the existing cookie is deleted from the hard drive of the client.
To delete a cookie with a date in the past
setcookie ("$cookie_name"," ", time ()-8000);

Problems with cookies

Websites store user-related information on the client system. Cookies are not secure and reliable because the user-related information can be accessed by anyone who has full access to the client system. The user-related information can contain sensitive information, such as credit card information, passport number, password, or identification number.

Following are some of the drawbacks of cookies:

• Cookies cannot contain more than a certain amount of information. The Cookies work well when the size is limited to four kilobytes (KB). Websites cannot use cookies to store a large amount of data.
  
  
• Only a maximum of 20 cookies of a domain can be maintained.
  
  
• A browser can maintain a maximum of 300 cookies. Older cookies that were stored earlier are deleted to accommodate the newer cookies of the different Websites.
  
  
• Storing a large number of cookie files slows down the system. To enhance the performance of the system, users often delete temporary files that contain cookies. Website statistics may go wrong when users delete such cookies to improve performance.
  
  
• Some Users disable cookies while accessing Websites. The Websites that depend on cookies lose the information of such Users.
  
  
• There can be multiple users using the same system visiting the same Website. Websites assign cookies to the system and not to the user. This co hamper the number of visitor's statistics.
  
  
• A cookie is created whenever you access a Web page. Therefore, Cookies can contain a large amount of information. Retrieving a larger amount of information on each page requires repetitive coding across the pages.`