How to set cookies for 20 min and check if they are expired

Question

I was thinking of a system that will allow users to post only 1 article per 20 min. I don't use a member system so I thought I could set a cookie for 20 min. And when user posts something check if cookie is set if yes show message like "Only 1 post per 20 min allowed" if it is not set than put stuff in database.

I'm relatively new to php and don't know how to set cookies, I tried looking at php.net manual on cookies, but it was too confusing for me. So can you please show how to set a secure cookie for 20 min and check if it is or is not set. Maybe you have Better suggestions that will work instead of cookies etc.

Thank You.

Answer 1

I know this is 8 years old but would like to add some things on of the problem of using cookies for your specific needs.

If you really want users to only post 20 mins then that best thing is to use Sessions, not cookies as cookies can easily be edited and people can just set their time to just 1 min or lower. So best thing to use is sessions. I know this answer is off-topic but just wanted to say some info on that, and I hope it helped in some way. I have included some documentation to Cookies and Sessions as well though, so if you or anyone needs some extra help.

Source: Stack Overflow

Documentation:

• W3School - Sessions
• W3School - Cookies
• php.net - Sessions

Answer 2

As pointed out by others, cookie method to do this kind of job is useless. So encrypting is also a waste of resources here.

You should insert CAPTCHA validation if you want to prevent spams

For what you are trying to do here is the ready to use code.

I have included encryption of cookie values so anyone can't change the value of the cookie.

But still they can just delete the cookie which a normal user won't do if they see some encrypted values in them.

<?php
$cookiename="yourcookiename";
$mysalt="secret salt";
function encrypt($text, $salt) 
{ 
    return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $salt, $text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)))); 
} 

function decrypt($text, $salt) 
{ 
    return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))); 
}

$read="false";
if(isset($_COOKIE[$cookiename]))
    {$read=decrypt($_COOKIE[$cookiename], $mysalt);
    }
if($read=='true')
{
//your stuff
setcookie($cookiename, encrypt("true", $mysalt), time()+20*60);
}
else {
//can't post
}

?>

Answer 3

Using cookies for that purpose makes no sense.
If it's registered users you are talking about, you have to store such information on the server side.
But if it's anonymous users, you can't prevent them from posting every second. To clear cookies from the browser is a matter of pressing just one button.

Answer 4

set like

setcookie("TestCookie", $value, time()+1200);

check after 20 min if it will expire than it work else not..

Answer 5

See these functions:

• setCookie
• get cookie value

To set a cookie for 20 min you can do this:

setcookie("postedArticle", true, time() + (60 * 20)); // 60 seconds ( 1 minute) * 20 = 20 minutes

Check if cookie is set:

if(isset($_COOKIE['postedArticle']) && $_COOKIE['postedArticle'] == true)
{ 
    // IS SET and has a true value
}