Codeigniter cookies

Question

I was hoping someone, could give some information on Cookies and Codeigniter, I have read there user guide on them so I have an understanding of how to set them, etc. What I want to know is how do I use for example if you look at the BBC website, you can drag and drop the boxes and it will remember where you placed them with out the need for you to sign up or login in etc, so I assume it is being stored in the the cookie.

On my site, I have a menu system that allows the user to choose the content that features on 'their' page, now I don't want them to have to sign up or log in so I assume I could somehow store the content they requested in the cookie? Is this possible? Currently they click a link and the relevant content is pulled from the database using the ID in the URL and the ID in the database a match. Do I just save each ID that is requested? And if so how?

Thanks

Answer 1

The fact that you're using CodeIgniter doesn't matter, as you can set cookie information pretty easily with any platform you use. CodeIgniter simply provides wrapper functions for cookies to make them easier to deal with. If you know how to use CI's cookie helper, then you should have no problem making this work.

The most reliable solution would be to use a cookie that holds a unique id for that user. That unique id matches a database record that contains the settings for the user. By only saving the unique id in the cookie, you avoid having to read and write to the cookie when settings change. If you add new features to your site that need their own settings, you won't have to touch the cookie, you'll just add the new settings values to the db. Additionally, you don't want to expose settings information in your cookie, which may allow someone to edit the contents of the cookie to attempt a SQL injection or some other attack.

You can create more than one cookie for your site, so I would make new cookie for the unique id to match to the user settings. When a user visits your site, load the CI cookie helper, then use CI's get_cookie('unique_cookie') helper to find the cookie. The cookie name 'unique_cookie' is what you're using as the name of the cookie that contains the user's unique id.

If get_cookie() returns false, then the user doesn't have the cookie, so he's probably visiting for the first time or he deleted the cookie. You have to create a new cookie using set_cookie($cookie_array). The set_cookie() method takes an associative array as an argument. That array contains the values for the cookie, one of which is 'name' which you will set to 'unique_cookie', and 'value' will be a unique id (use the CI String helper's random_string() method to create a unique id). While you're setting the cookie, you also want to create a db record with that unique id the contains the default settings values.

While the user is on your site, create a session object (using CI's session library) that holds on to the unique id so when the user changes settings during the session you can match the session's unique id value to the db record so you can make updates to that record without having to keep touching the cookie. For any controller actions that may need to get or set settings, you can use the session tools to get the unique id. You should only need to touch the cookie when the user first enters your site and a session object has not been created yet.