Remembering Non Registered Visitors

You have a couple of forms on your site that require the same user information or

a single form that is frequently resubmitted by visitors. You don't have the time to implement

user registration and don't want to spend hours or days learning somebody else's code.

You are not sure if people will sign-up at all. What you need is to "remember" non-registered visitors.

Why people may not register

• It takes time even if you only fill in a username and password
• Many services on the web require lots of information
• Some sites require additional action to activate your account

What are the benefits of remembering visitors?

• People may opt to turn it off
• Can coexist with the same service for registered users
• Doesn't take much time to implement it
• Doesn't require a database

And the drawbacks

• Requires cookies, at least when you want it to be permanent
• The same browser has to be used every time

What exactly is it?

It is a way to remember the information the visitor of your site entered

either for the current session or for a specified amount of time with a cookie.

When the visitor submits the form the reusable information - the information that doesn't change

when the same user fills the form another time - is saved. Depending on the implementation, you could offer

an option to permanently save the information as a cookie or just to save it for the session.

What is required?

A server-side scripting language such as

PHP,

ASP,

JSP or anything as CGI

that will both display the form and process the submitted values.

And some code

The example provides the code in PHP but as said above it can be done in

any server-side scripting language or application.

define('COOKIE_REMEMBER', 'remember-me');
session_load_remembered();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    processData();
} else {
    displayForm();
}

Our cookie name is defined with a constant so if you want to change

it you can do it in one place. The first function call initializes the session variables

from that cookie, if available.

Next we check if we should display the form or

process the submitted one.

function session_load_remembered() {
    if (isset($_COOKIE[COOKIE_REMEMBER]) ) {
        // the order of name, email has to be the same as in the code to save the data
        list($_SESSION['name'], $_SESSION['email']) = @unserialize($_COOKIE[COOKIE_REMEMBER]);
    }
}

PHP's unserialize function takes a string representation

of a PHP variable - array in our case, and returns the structure itself. We've suppressed

error messages with the @ control operator because the cookie may have

been modified by the user. The list language construct is used to set the values of

our session variables at once.

We've used PHP's 4.1 style superglobal _COOKIE and

_SESSION arrays; if you want to use the code with an earlier

version of PHP you need to modify the code to HTTP_*_VARS

and import it from the global namespace with a global declaration

as in the example:

global $HTTP_COOKIE_VARS;
echo $HTTP_COOKIE_VARS[COOKIE_REMEMBER];

function displayForm($subject = '', $comment = '') {
    ?>
    <form method="post" action="<?php echo $_SERVER['PHP_SELF']?>"
        onsubmit="return true">
    <table border="0" cellspacing="5" cellpadding="0" summary="Comments form">
    <tr>
        <td>Name:</td>
        <td><input type="text" name="fullName" id="fullName" value="<?php echo $_SESSION['name']?>" /></td>
    </tr>
    <tr>
        <td>E-mail:</td>
        <td><input type="text" name="email" id="email" value="<?php echo $_SESSION['email']?>" /></td>
    </tr>
    <tr>
        <td>Subject:</td>
        <td><input type="text" name="subject" id="subject" value="<?php echo $subject?>" /></td>
    </tr>
    <tr>
        <td colspan="2">
            <input type="checkbox" name="remember" />
            Remember me
        </td>
    </tr>
    <tr>
        <td colspan="2">Comments:</td>
    </tr>
    <tr>
        <td colspan="2">
            <textarea id="comment" name="comment" rows="8" cols="40"><?php echo $comment?></textarea>
        </td>
    </tr>
    <tr>
        <td><input type="submit" value="Add comment" /></td>
        <td><input type="reset" value="Clear fields" /></td>
    </tr>
    </table>
    </form>
    <?php
}

This isn't perfect HTML: you should add titles to the code,

and also wrap the text labels in HTML label elements. Other improvements

can also be made, it's up to you.

This is an example PHP function to display a comments form. Note that we've set the

default values of the name and email fields to our session

variables that will hold the saved data. The other two default values for the

subject and comment are just put in case server-side

validation fails and we need to redisplay the form with the values filled in.

function processData() {
    // some validation
    // redisplay the form if it fails with a line like:
    // displayForm($_POST['subject'], $_POST['comment']);
    // if all is ok
    $_SESSION['name'] = $_POST['fullName'];
    $_SESSION['email'] = $_POST['email'];
    if (isset($_POST['remember']) ) {
        setcookie(COOKIE_REMEMBER, 
            serialize(array($_SESSION['name'], $_SESSION['email']) ),
            time() + 31104000);
    }
    // add the info to database
}

This one handles the submitted data, validation needs to be put in place of course.

When all data is correct we can save our data in the session, and

also set up a cookie that will remember the info for the visitor's next visit to the site if he/she requested it.

The POST variable remember will be set to on when

the visitor checks the box, otherwise it will not be set at all. The code to set the

cookie will make it expire in one year.

If you are on a shared host and your site is

accessible under one directory it is recommended to set the next optional parameter

to setcookie to that directory to prevent cookie leaks.