Question

I am trying to offer my users a smooth data entry experience even if they walk away from their browser for a while, then come back and find out they have been logged out because the session timed out.

In my case this is particularly important as I am asking my users to enter potentially more than 100 answers to a questionnaire (a bit like an income tax form). So it is quite understandable that they cannot respond to all these answers all the time without experiencing a session timeout from time to time.

I have been reading up about how to best preserve the data that the user has entered until the timeout happens and have decided to building a solution where the user's answers are first stored in session variables and, at the point of session timeout, stored in a database. I also store the filename in the database where the session timeout occurs so I can bring the user back to that place.

This now works. So if the timeouts occurs, the user is asked to log in again and then brought back to the place in the questionnaire where the timeout happened. So far, so good.

But I have my doubts as to the efficiency of my solution. When I look at the session information stored in the cookie on the client's PC (i.e. my PC; using an XAMMP-PHP-MySQL setup), I see all the information, that I have just stored in the database, nicely sitting in a cookie. The cookie still remains on the client's PC after the session has timed out. Should it not be much simpler for me to read the contents of that client's cookie into a new session after the client has logged on again? I know the name of the cookie. But I cannot find a good example of reading the key=>value pairs from the cookie into new session variables. The cookie looks like this:

last_active|i:1392715552;loginName|s:4:"Carl";password|s:7:"secret";answer|s:17:"log in and finish";auth|s:3:"yes";logname|s:4:"Carl";LastLogin|s:19:"2014-02-18 15:59:16";SearchCredits|s:4:"1144";UniqueClockRecordID|s:13:"530320ebd7d20";ClockType|s:0:"";ClockMaterial|s:0:"";MovementDuration|s:0:"";TypeOfTrains|s:0:"";SameBarrel|s:0:"";PassingStrike|s:0:"";TypeStriking|s:0:"";StrikingMechanism|s:0:"";ChimeMelodies|s:4:"NULL";ChimeMechanism|s:0:"";BellOrGong|s:0:"";HowManyBells|s:0:"";SortGong|s:0:"";WheelsGoingTrain|s:4:"NULL";WheelsStrikingTrain|s:4:"NULL";WheelsChimingTrain|s:4:"NULL";WheelsAlarmTrain|s:4:"NULL";SubTypeLongcase|s:0:"";SubTypeChronometer|s:0:"";SubTypeStreet|s:0:"";SubTypeTable|s:0:"";SubTypeTurret|s:0:"";TypeAutoWinder|s:0:"";SubTypeWall|s:0:"";EscapementType|s:0:"";PlatformEscapementType|s:0:"";HowManyDials|s:0:"";SettingDial|s:0:"";ClockmakerOnDial|s:4:"NULL";RetailerOnDial|s:4:"NULL";CityOnDial|s:4:"NULL";CountryOnDial|s:4:"NULL";SayingOnDial|s:4:"NULL";AnythingElseOnDial|s:4:"NULL";FakeRealClockmaker|s:0:"";Clockmaker|s:4:"NULL";BestGuessClockmaker|s:4:"NULL";ClockmakerClockNumber|s:4:"NULL";ClockmakerOnClockPlates|s:4:"NULL";AnythingElseOnPlates|s:4:"NULL";OtherMarksOnClock|s:4:"NULL";ClockCountry|s:4:"NULL";EarliestClockMadeDate|s:10:"0000-00-00";LatestClockMadeDate|s:10:"0000-00-00";BestGuessClockMadeDate|s:10:"0000-00-00";MarriageOriginal|s:0:"";MarriageDescription|s:4:"NULL";Damaged|s:0:"";DamageDescription|s:4:"NULL";CaseStyle|s:0:"";BuildingType|s:0:"";CaseMaterial|s:0:"";CaseHeight|s:4:"NULL";CaseWidth|s:4:"NULL";CaseDepth|s:4:"NULL";PlinthHeight|s:4:"NULL";PlinthWidth|s:4:"NULL";PlinthDepth|s:4:"NULL";TrunkHeight|s:4:"NULL";TrunkWidth|s:4:"NULL";TrunkDepth|s:4:"NULL";HoodHeight|s:4:"NULL";HoodWidth|s:4:"NULL";HoodDepth|s:4:"NULL";CaseOther|s:4:"NULL";DialShape|s:0:"";DialDiameter|s:4:"NULL";DialHeight|s:4:"NULL";DialWidth|s:4:"NULL";DialThickness|s:4:"NULL";DialMaterial|s:0:"";FalsePlate|s:0:"";Hands|s:0:"";HandsMaterial|s:0:"";SubDials|s:0:"";ClockLevers|s:0:"";WeightSpring|s:0:"";GoingTrainWeight|s:4:"NULL";StrikingTrainWeight|s:4:"NULL";ChimingTrainWeight|s:4:"NULL";AlarmTrainWeight|s:4:"NULL";LengthSpringGoing|s:4:"NULL";HeightSpringGoing|s:4:"NULL";ThicknessSpringGoing|s:4:"NULL";LengthSpringStriking|s:4:"NULL";HeightSpringStriking|s:4:"NULL";ThicknessSpringStriking|s:4:"NULL";LengthSpringChiming|s:4:"NULL";HeightSpringChiming|s:4:"NULL";ThicknessSpringChiming|s:4:"NULL";LengthSpringAlarm|s:4:"NULL";HeightSpringAlarm|s:4:"NULL";ThicknessSpringAlarm|s:4:"NULL";GoingFusee|s:0:"";StrikingFusee|s:0:"";ChimingFusee|s:0:"";NumberOfPillars|s:4:"NULL";PlatesShape|s:0:"";PlateDiameter|s:4:"NULL";A_PlateTopWidth|s:4:"NULL";A_PlateBottomWidth|s:4:"NULL";PlateHeight|s:4:"NULL";PlateWidth|s:4:"NULL";FrameDepth|s:4:"NULL";PlateThickness|s:4:"NULL";CalendarType|s:0:"";MaintainingPowerType|s:0:"";StrikeSilent|s:0:"";RiseFall|s:0:"";PullRepeat|s:0:"";HoldFast|s:0:"";WindingKey|s:0:"";CaseKey|s:0:"";Pendulum|s:3:"yes";PendulumLength|s:6:"234567";PendulumTemperatureCompensation|s:3:"yes";PendulumTemperatureCompensationType|s:0:"";BalanceTemperatureCompensation|s:0:"";BalanceTemperatureCompensationType|s:0:"";PictureClockURL|s:4:"NULL";PictureClockImg|s:4:"NULL";AuctionedWhen|s:10:"0000-00-00";AuctionHouse|s:0:"";AuctionLotNumber|s:4:"NULL";AuctionedInCity|s:4:"NULL";RealisedAuctionValue|s:4:"NULL";RealisedAuctionValueCurrency|s:0:"";EstimatedValueClock|s:4:"NULL";EstimatedValueClockCurrency|s:0:"";MoreInfoOnClock|s:4:"NULL";OtherPartsToClock|s:4:"NULL";TickingSoundClock|s:4:"NULL";StrikingSoundClock|s:4:"NULL";ChimingSoundClock|s:4:"NULL";AlarmSoundClock|s:4:"NULL";ClockForSale|s:0:"";PriceForSale|s:4:"NULL";PriceForSaleCurrency|s:0:"";Stolen|s:0:"";MissingDate|s:10:"0000-00-00";FinalComment|s:4:"NULL";

Although the cookie contents clearly show a key=>value pair design, I believe it is just written as one long string. I would need some kind of parser to write this cookie back into a new session variables. Is there an existing programme that does this?

Before, I settle on a solution based on reading the cookie, I hope to get some comments on the wisdom of using the cookie to bring my users back to where the session timed them out, as compared to storing the session values temporarily in a database as I have done so far.

No correct solution

OTHER TIPS

First of all: do not save passwords in a cookie! This is a very bad idea security-wise.

There must be a function that creates this cookie (something that creates a string with limiters from an array). Just revert this function to get the data out of it into an array and then replace the session array with the cookie values.

Useful functions:

explode

array-merge

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top