Search Result Bookmark

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
jtron85
Forum Newbie
Posts: 9
Joined: Fri Nov 03, 2006 5:06 am

Search Result Bookmark

Post by jtron85 »

Hi all,

I've just signed up and I'm still quite new to PHP.

Currently I'm trying to develop an online trader site where users can place online advertisements of cars, motorbikes etc. And other users can browse through the ads through a search engine.. sounds simple

I've completed my search engine which picks up the information from the MySQL database and displays the list of results. What I want to add is a function where users can select certain ads from the search result which they can browse through later and make a comparison.

An example I found was much like this:

http://bikesales.com.au/as/search/s.do; ... &x=69&y=31

I have no idea on how to approach it so any help would be very much appreciated.
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

You can keep those choices in a cookie, in a session or in a database - all approaches have different pros and cons.

The difference between these approaches is persistence:
- deleting a cookie depends on the client
- deleting a session depends on the server software + setup
- deleting a database entry depends on the server software

So depending on the expected lifetime of this information and how sensitive it is, you choose one of these.
For your particular situation, cookies are good and simple enough. Keep the user's choices in an array and serialize() it before setting it in the cookie, and unserialize() it back to use it as an array. It is good to check that your hosting has the latest PHP version, as recently there were problems found with unserialize() -- they affect the hosting, not you in particular, so don't worry much about it, it was probably fixed.
jtron85
Forum Newbie
Posts: 9
Joined: Fri Nov 03, 2006 5:06 am

Post by jtron85 »

Thanks for the reply.

Well the lifetime of the selected information will only span for the time when a user is searching for a vehicle.

I've though about the concept of using sessions although that won't work because the system will destroy all sessions when a logged member logs out.

A friend of mine mentioned something about creating a table within the database which will create rows for the random users who come across the site and create an ID for them. It will then record all the advertisment ID's that they've chosen
and will store them for the time their on the site. This approach made some sense to me although I assume theres a large con for that approach I'm not aware of until I try it.

I'm not too familiar with how to use cookies with PHP unfortunately although it seems like a very good approach since the informations lifespan won't last long. Would there be a problem if a user periodically erase their cookies or has set their software to reject them?

What are the implications of unserialize() with hosting? My hosting is currently running PHP 4.4.4
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

Read up more on cookies and sessions, there's plenty of info/tutorials online and they are key concepts in writing web sites with PHP.
For example, only the session of the logging-out user will be erased, not all of them. Sessions may require (or not) cookies to function, so depending on cookies for the site to work is an easy and realistic option.
If not, session ID-s can be passed in the URL, which is generally considered a less secure option.

Storing temp data in the database opens the question on "garbage collection" - i.e. how and when to detect and delete obsolete data. This is why cookies/sessions are maybe better suited for the task untill you are ready to understand all the details in working with databases.

4.4.4 is safe for unserialize()
http://www.hardened-php.net/advisory_092006.133.html
jtron85
Forum Newbie
Posts: 9
Joined: Fri Nov 03, 2006 5:06 am

Post by jtron85 »

Ok thanks Mordred.

Thinking more realistically using cookies would be a better approach.

I didn't think too much on how to detect the obsolete data. Although I do have access to Cpanel and planned to use Cron Jobs to delete data, let's say from the previous day. Although removing the need to place info on the server is always a benefit.

Well thanks for the great help. I'll look into cookies for now. :wink:
Post Reply