The use of Cookies

[musicscore]

Hey There Again.

I'm building a module and I want that module to know when an user visited a page.
When he visited the page less then x hours ago, an php action is skipt.

So I was thinking of two solutions :

• Using a cookie - Set a cookie with a date value and exparation periode and check the date value (this is the easy way)

• Register the user in a database with ip-address and timestamp. (A lot of programming)

I was thinking about using the cookie methode but sometimes coockies are blocked by the browser of the user.

What do you think is the best way to check to time an user was visiting a page.
Please your advise.

[DIGI3]

Typically you'd use session variables for this. I don't have specific recommendations as I'm not a module developer, but hopefully that points you in the right direction.

[musicscore]

Thanks Digi3

Session variables only resist as long as the visitor keeps his browser open. When he closes his browser, start it again and opens the website again, the module will not know when that user/ip-address was here before. So I need to use Cookies or a database entry.

That is why I think Session Variables will not work.

(Ps. I am also not a developer (yet) but trying to make a nice module and learn, learn and learn)

[DIGI3]

Cookies are probably best in that case then. If you follow guidelines for the target audience, and don't store any personal information, most people will consent. If they do not consent or have cookies disabled, they are generally aware they will lose some functionality.

[Jo Morg]

Session variables only resist as long as the visitor keeps his browser open. When he closes his browser, start it again and opens the website again, the module will not know when that user/ip-address was here before. So I need to use Cookies or a database entry.

That is why I think Session Variables will not work.

That's not entirely correct...

What Are Sessions in PHP?

A session in PHP is a way of storing information (in variables) to be used across multiple pages. Sessions are stored on the server and can hold large amounts of data. A session is identified by a unique session ID, which is typically stored as a cookie on the client’s browser. When the session is started using session_start(), PHP automatically associates the session ID with the corresponding session data on the server.

So sessions are also dependent on cookies.
Also keep in mind that sessions, by using cookies, are also subject to the legal rules that apply to cookies, and which vary somewhat depending on the visitors' country of origin. To the best of my knowledge if a session doesn't store personal information, or any information that may allow tracking visitors across domains, there is no need to ask consent.

Given the above, I tend to favor the use of sessions, since in this case the data that is of any interest to the site (app/module/etc...) is always stored securely on the server if best practices are observed. Note that if a browser blocks cookies, even sessions are impossible to manage as we can gather from the quote above. And cookies, even encrypted, are stored locally on the browser side and can be hijacked. A session id can also be hijacked, but it's not as serious as having the full data at hand in the cookies, encrypted or not.

HTH