0

I'm creating a crude view counter for my site that will update the database and then set a cookie with the ID of the page so another view won't get inserted. Today I realized that very quickly the user can have tons of cookies depending on how many pages they visit on the site. Is there a better way to only insert one view per user or is this cookie method adequate. Thanks.

PHP View Update Code:

public function updateViews ($id) {
    $db = Database::getInstance();

    //Set Cookie to indicate viewed
    setcookie($id, rand(), time()+3600*24*365*10);

    //Set required variables
    $currentViews = $this->getData($id)->fetch(PDO::FETCH_ASSOC)['views'];
    $newViews = $currentViews + 1;

    if (isset($_COOKIE[$id])) {
        //Do nothing because cookie isset
    } else {
        //Define Query
        $query = "UPDATE coils SET `views` = '".$newViews."' WHERE `uniqueid` = '".$id."'"; 

        //Prepare Query
        $prepareQuery = $db->getConnection()->prepare($query);

        //Execute Query
        $prepareQuery->execute();
    }

    $currentViews = number_format($currentViews);


    //List results to user
    if ($currentViews > 1) {
        $this->views = $currentViews . " Views";
    } else if ($currentViews <= 1) {
        $this->views = $currentViews . " View";
    }
}
Joe Scotto
  • 10,936
  • 14
  • 66
  • 136
  • 3
    They can't have tons of cookies.. http://browsercookielimits.squawky.net/ –  Jan 07 '16 at 23:04
  • @aaronxxx What about per-page cookies. Is this possible and would it be effected by the cookie limit? – Joe Scotto Jan 07 '16 at 23:13
  • 1
    According to that site @aaronxxx linked you should not load them up from your domain with more than 50 cookies exceeding 4096 bytes. If you are exceeding that then you should consider using sessions instead. Unrelated, you should use just a plain if statement and not your `isset` (e.g. `if (!isset($_COOKIE[$id]))`) instead of using an if/else. – salad_bar_breath Jan 07 '16 at 23:22
  • @Douglas_Symb What are the rules on sessions? – Joe Scotto Jan 07 '16 at 23:23
  • They're handled server-side instead of on the clients browser. Check out this [SO discussion](http://stackoverflow.com/questions/6253633/cookie-vs-session) for more info. – salad_bar_breath Jan 07 '16 at 23:27
  • @Douglas_Symb I just got it working with sessions but the issue now is that once the browser is closed the session is gone. – Joe Scotto Jan 08 '16 at 00:15
  • @aaronxxx I don't think this will work. I need it to be persistent when the user closes the browser not timeout after a set amount of time. – Joe Scotto Jan 08 '16 at 00:40
  • by the way its session normal behavior.. –  Jan 08 '16 at 00:57
  • 1
    You can change the `session.cookie_lifetime` directive in your server's `php.ini` file, or you can alter the parameters of `session_set_cookie_params` (Probably the better choice). Check out how to do that [here](http://php.net/manual/en/function.session-set-cookie-params.php). – salad_bar_breath Jan 08 '16 at 12:36
  • @aaronxxx Thanks for your help. I've decided that using a database would work better than just sessions/cookies. – Joe Scotto Jan 08 '16 at 21:54
  • Glad i could help,it will be more secure also –  Jan 08 '16 at 23:16

1 Answers1

0

After reading up on both sessions and cookies I decided that a database would be a better solution. It will allow me to prevent multiple views from different browsers and would be more accurate than just a cookie/session.

Joe Scotto
  • 10,936
  • 14
  • 66
  • 136