Best IT Recipes

Arrays in PHP Cookies

How to store an array in cookie correctly? in PHP Code example:

$number_ticket=2; $info[7][5]=1; $info[8][5]=1;
+55
arrays security php cookies
Jan 27 '12 at 10:37
source share
8 answers

Data serialization:

 setcookie('cookie', serialize($info), time()+3600);

Then deserialize the data:

 $data = unserialize($_COOKIE['cookie'], ["allowed_classes" => false]);

After the data, $ info and $ data will have the same content.

+65
Jan 27 2018-12-12T00:
source share

To save the array values ​​in a cookie, you first need to convert them to a string, so here are a few options.

Saving cookies as JSON

Code storage

 setcookie('your_cookie_name', json_encode($info), time()+3600);

Reading code

 $data = json_decode($_COOKIE['your_cookie_name'], true);

JSON can be a good choice if you need to read a cookie in a JavaScript interface.

In fact, you can use any group of encrypt_array_to_string / decrypt_array_from_string methods that converts an array to a string and converts the string to the same array. For example, you can also use explode / implode for an array of integers.

Warning. Do not use serialization / unserialize

From php.net

enter image description here

Do not pass untrusted user input to unserialize(). - Everything that comes from HTTP, including cookies, is unreliable!

Security Links

As an alternative solution, you can do this without converting the array to a string.

 setcookie('my_array[0]', 'value1' , time()+3600); setcookie('my_array[1]', 'value2' , time()+3600); setcookie('my_array[2]', 'value3' , time()+3600);

And after you print the variable $_COOKIE , you will see the following

 echo '<pre>'; print_r( $_COOKIE ); die(); 
  Array 
  (    
      [my_array] => Array 
          ( 
              [0] => value1 
              [1] => value2 
              [2] => value3 
          ) 

  )

This is a documented PHP function.

From php.net

Cookies names can be set as array names and will be available to your PHP s as arrays but separate cookies are stored on the user system.

+95
Feb 28 '14 at 20:30
source share

Using serialization and deserialization of cookies is a security risk. Users (or cybercriminals) can modify these cookies, and then, when you do not serialize them, they can run PHP code on your server. Cookies must not be trusted. Use JSON instead!

From the PHP site :

Do not pass unreliable user input to unserialize() regardless of the options allow_classes value. Non-serialization can lead to code loading and execution due to object creation and startup, and an attacker can use this. Use a secure standard data exchange format such as JSON (via json_decode() and json_encode() ) if you need to pass serialized data to the user.

+13
Nov 05 '13 at 15:44
source share

Try serialize() . It converts the array to string format, then you can use unserialize() to convert it to an array. Scripts like WordPress use this to store multiple values ​​in a single database field.

You can also use json_encode() , as Rob said, which can be useful if you want to read a cookie in javascript.

+6
Jan 27 '12 at 10:40
source share

Cookies are basically text, so you can save the array by encoding it as a JSON string (see json_encode ). Keep in mind that there is a limit to the length of the string that you can save.

+5
Jan 27 2018-12-12T00:
source share

You can also try to write different elements in different cookies. Cookie names can be specified as array names and will be available to your PHP scripts as arrays, but separate cookies are stored on the user system. Consider explode () to set up a single cookie with multiple names and values. Serialize () is not recommended for this purpose, as this may result in protective holes. See the setcookie PHP Function for more details.

+2
Jan 27 '12 at 10:44
source share

I recently created this code for my client, I use an array for cookies in this code, in fact this code receives recently viewed pages by the user using cookies, I hope this helps you ...!

 function curPageURL() { // get url return 'http' . (( !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443 ) ? 's' : '') . '://' . $_SERVER['SERVER_NAME'] . ( $_SERVER['SERVER_PORT'] == 80 ? '' : $_SERVER['SERVER_PORT'] ) . $_SERVER['REQUEST_URI']; } $currentPage = curPageURL(); // call function $counter = $_COOKIE['_counter']; // set counter variable if(!$_COOKIE['_PAGES']){ // if _Pages cookie $default = 1; // set default value to 1 setcookie("_counter",$default,time()+7200); // set counter cookie setcookie("_PAGES[$default]",$currentPage, time()+3600); // set cookie } else{ // if ! _Pages cookie $default = $counter+1; // set default value to +1 setcookie("_counter",$default,time()+7200); // set counter cookie } if(@in_array($currentPage, @$_COOKIE['_PAGES'])){ // if same url found } else{ // if new url found setcookie("_PAGES[$default]",$currentPage, time()+3600); // set cookie } if($_COOKIE['_PAGES']){ foreach ($_COOKIE['_PAGES'] as $value){ echo "<a href='{$value}'>{$value}</a>"; } }
+1
Dec 14 '15 at 20:10
source share

Just found the right thing. Now I can store the products visited in cookies and show them later when they return to the site.

 // set the cookies setcookie("product[cookiethree]", "cookiethree"); setcookie("product[cookietwo]", "cookietwo"); setcookie("product[cookieone]", "cookieone"); // after the page reloads, print them out if (isset($_COOKIE['product'])) { foreach ($_COOKIE['product'] as $name => $value) { $name = htmlspecialchars($name); $value = htmlspecialchars($value); echo "$name : $value <br />\n"; } }
0
Sep 07 '18 at 15:13
source share


More articles:


All Articles