Using the $_COOKIE var to keep important data

Question

I'm creating a wordpress plugin. All the functions I'm writing are 'hooked' into certain wordpress events. This means I have a hard time creating variables that I need to use in several functions.

For example:

There's two functions that are hooked in somewhere:

Display_if_facebook_connected() { 
   if (Check_facebook_connected()) { return 'Yes, connected!' } 
   return ''; 
} 

Display_if_facebook_connected() { 
   if (!Check_facebook_connected()) { return 'No, not connected!' } 
   return ''; 
} 

And they both run a very heavy function:

Check_facebook_connected() { // some heavy facebook connect stuff, return bool } 

I'm basically trying to avoid having the heavy function run twice, since it will have the same result.

In this case, would it be safe to do $_COOKIE['check_facebook_connected'] = true; and then read that variable in the Display_if_facebook_connected()?

By safe I mean that the user can't see or change the value. Since the cookie is never actually set, I think/hope it just disappears at the end of the php code.

I wouldn't be surprised if there is some better way, or better var, to do this with, but with my limited understanding of php I can't think of any.

UPDATE: About sessions: I don't need the values to persist over multiple pages, just one page load. Since Wordpress doesn't use sessions I see no reason to change it.

I experimented a bit and the problem persists:

All of the following code is in the main file of my wordpress plugin. The way I understand it, the plugin file is 'included' at every request, so all code is run everytime I refresh my testpost.

Firstly I create the variable:

 $myplugin_connected = false;

Then I hook my function in the right place:

add_shortcode( 'myplugin_notconnected', 'myplugin_notconnected_func' );

This basically hooks the myplugin_notconnected_func() function into the [myplugin_notconnected] shortcode. (A shortcode is text in a wordpress post, some id between [ ]-brackets. Wordpress loads the code associated with the shortcode whenever it appears.)

Here's the myplugin_notconnected_func():

function myplugin_notconnected_func( $atts, $content = null ) {
    echo '<p>connected: ' . var_export($myplugin_connected, true)  . '</p>';
    return '$contents';
}    

And here's the result:

connected: NULL

This is why I was trying to use $_COOKIE variables because at least they persist over the whole php instance. I apologize for lack of coherence, I'm learning as I go and I definitely appreciate the help!

Answer 1

Scope

Referring to the updated part of your question:

Defining

$myplugin_connected = false;

and getting NULL as result on a subsequent

var_export($myplugin_connected, true)

could mean, that you either defined $myplugin_connected outside global scope (e.g. in a function instead of main), or you have defined in global scope, but have some unset($myplugin_connected) somewhere before the var_export. In both cases the return value of var_export would be NULL.

In your case I believe the former is more probably. You could use:

$GLOBALS['myplugin_connected'] = false;

and

var_export($GLOBALS['myplugin_connected'], true)

to have the connection state (which already has been determined once by your "heavy" function before) available in your shortcode handler.

Cookie

To answer your origin question:

In this case, would it be safe to do $_COOKIE['check_facebook_connected'] = true; and then read that variable in the Display_if_facebook_connected()?

Well, $_COOKIE is a server-side superglobal, so yes, as long as you never actually send/set that cookie on response, the user wouldn't see, nor could change it.

Personally, using $_COOKIE to save a state which is only valid for a single page load, feels just plain wrong to me.

I'd recommend to use at least $GLOBALS over $_COOKIE - or maybe even better use a static variable instead of a superglobal in this case - e.g. something like this:

function isConnected() {
    static $bConnected = null;
    if ($bConnected === null)
        $bConnected = Check_facebook_connected();
    return $bConnected;
}

But that's always in the eye of the beholder^^

Answer 2

Display_if_facebook_connected() { 
   $result = Check_facebook_connected();
   if (!$result) { return 'No, unconnected!' } else { return 'Yes, connected!' } 
} 


$connected = Display_if_facebook_connected();

Answer 3

session_start();
Check_facebook_connected()
{
    if(isset($_SESSION["is_facebook_connected"])) return ($_SESSION["is_facebook_connected"] === true);
    // if we get here we haven't checked the facebook connection status, so do it
    ...
}