荔园在线
荔园之美,在春之萌芽,在夏之绽放,在秋之收获,在冬之沉淀
[回到开始]
[上一篇][下一篇]
发信人: zzt (打倒北约!!!), 信区: Homepage
标 题: Cookies How To!
发信站: BBS 荔园晨风站 (Thu May 20 13:28:58 1999), 转信
发信人: sunose (小兵), 信区: Script
标 题: Cookies How To!
发信站: 龙门客栈 (Wed May 12 16:39:06 1999), 转信
In the Internet world, the word "cookie" refers to a chunk of information
that is passed from one application to another, with
the expectation that the receiver will store the chunk and send it back
in the future.
The most common use of cookies on the Web is to "save state on the clien
t side," which is geek-talk for having the Web
server send a chunk of data to the browser that the browser saves, in me
mory and then on disk. The browser then sends this
chunk back to the server as part of every request to that server or a sp
ecific sub-part of the server (e.g., a cookie might
cause the browser to send itself as part of every request starting with,
say,
http://www.netscapeworld.com/club/members/.)
When a Web server gets a request that includes a cookie (they are in the
HTTP header), it is supposed to put the contents into
an environment variable ("HTTP_COOKIE") before executing any CGI program
as a result of the request, thus, any CGI
program can make use of the data stored in the cookie. Note that CGI pro
grams are also the usual method for sending
("setting") a cookie to a browser.
This article focuses on two important parts of a cookie: The Name and th
e Value.
When a CGI program reads the HTTP_COOKIE environment variable it will fi
nd a single string containing all of the cookies the
browser sent. Each cookie has a NAME=Value pair, and is separated from t
he others with semi-colons.
The contents of HTTP_COOKIE for a request with a single cookie might be:
IDENTITY=19970117.WPI.1034
And for two cookies...
IDENTITY=19970117.WPI.1034 ; CLUB_PREFERENCES=0-2-3-17-1-23-A-5-14
Note in the second example how the two cookies have different names and
contain different data.
By taking apart the information in one or more cookies, it is possible t
o both customize what is sent back to a user, and to
analyze user activity in ways that would be harder or impossible without
cookies.
How to customize the user's experience
"Mass customization" is a buzzword that refers to creating something uni
que for each member of a vast audience. For
example, a clothing store is practicing mass customization when it shows
you patterns and fabric samples and measures you in
the store and then sends the data to a factory to create a custom suit o
r dress.
On the Web an example would be learning what city and state a user is in
terested in and automatically inserting links to local
news and events in a page they see.
On the Web, we have the ability to do mass customization on, well, a mas
s scale. Here's how.
1.The requirements
A.Information about the user. Custom in, Custom out. This means t
hings like what they are interested in, or want to
avoid (if they have a slow connection, they may want to avoid
large files...)
B.A way of storing and retrieving that information.
2.The methods
A.Store in cookie
As you might have guessed, a lot of user information can be st
ored in a cookie.
Let's start with an example of setting a cookie. We assume tha
t we have a form that users fill out, and one of
the things they enter is their country and state/province of i
nterest (they may not live there, but are still interested
in it.) We have a CGI program that receives the form input, an
d puts these two pieces of information into
$FORM{country} and $FORM{state}.
Let us further assume that the page we want to send back to th
e user, after they have finished submitting the
form, is an HTML file whose pathname is in the variable $retur
n_page.
This code fragment will send the user the HTML file, and will
also set a cookie containing the country and state.
The cookie is set to Expire on Sat Jan 11 22:11:04 GMT 1997.
If the user had entered "Bulgaria," as their country, and "New
York" as the state, then the cookie would contain
the NAME=Value pair: LOCATION=Bulgaria,New+York
So, now we have a cookie in the browser, with two pieces of in
formation stored in it. We will get the cookie
back from the browser with every request it makes from now on
(If the cookie was accepted, and until it expires
or the user deletes it.)
But what if we want to save the information even if the user d
eletes their cookie file?
Read on.
B.Storing information in a database on the server
If there is a lot of information, or if not losing the informa
tion is important, then storing the user-specific
information in a database on the server is a good idea.
There are many kinds of databases one might use, but for the s
ake of example, we will look at using a Unix
DBM array. Here is a code sample that shows how to take the in
put from a form and put in into a DBM array
on the server. (If the database will get very large -- tens of
thousands of records, and/or the amount of data in
each record will get very large -- more than 1 or 2K per recor
d, then DBM may not work very well for you -- it
may be too slow, or require too much memory. More powerful dat
a storage tools such as mSQL, Informix,
Oracle, or Sybase might be better.)
The big question here is what to use as the key for each user'
s record. In this example we will assume that the
CGI script handling the form input is in a area of the server
that requires users to 'log in' via basic authentication,
and thus we can use the REMOTE_USER environment variable, set
by the server whenever a user logs in via
basic authentication.
Every time a user submits a form to this script, their record
in the DBM array will be created or updated, as the
case may be. Note that in this example, if the user has an exi
sting record, it is replaced with the new data.
C.Both in cookie and in database
In the last example, we saved user information in a database o
n our Web server, and we can retrieve that
information whenever we like. One obvious time we would like t
o retrieve the information is when a user returns
to our site. At that time we would like to know that the user
has been here before, and to pull up specific
information about the user, and use it to change the HTML we s
end them.
If we have sent a cookie to the user that contains their usern
ame, then we can use that cookie to access their
database record. (Note that in the example above, we got the u
ser name through the basic authentication
process, but that by using a cookie, we could obtain the user
name without the user having to re-authenticate.)
This code sample could be added to the example above to send t
he user a cookie that contains their user name:
# Build a cookie and send it.
$COOKIE = "USER=$USER ; expires=$EXPIRES ; domain=$DOMAIN";
print "Set-cookie: $COOKIE\n";
print "Content-type: text/html\n\n";
open(FILE,$return_page);
while (<FILE>) {
print;
}
Please do not use this method when confidential information is
involved, since anyone could fake a cookie and
pretend to be this user. In cases involving private informatio
n, cookies should not be used as keys into
secure areas.
Assuming we have been saving user information in a DBM array,
and have been sending user's cookies with
their username, here is a code sample showing how we might act
ually customize what the user sees.
Let us assume that we have a server-parsed HTML page that read
s, in part:
<H1>News and Headlines</H1>
<!--#exec cgi=/cgi-bin/personalnews.pl -->
Then we can have a program, personalnews.pl that will produce
a little piece of HTML with links to News
and Headlines items based on information we have saved about t
he user. The program would:
1.Check to see if the user has a cookie.
2.If they don't, then build a set of default links.
3.If they do have a cookie, pull their info from the databa
se and build links based on that data.
The program might contain something like this.
Whenever our server-parsed HTML page is loaded, a chunk of HTM
L will be inserted with links based on the
users' country and state. And even if the user deletes their c
ookie file, we still have a database that tells us how
many people in each state prefer ice cream.
3.Using cookies recap
We can store information about a user in cookies and also in databa
ses on our Web server. We can use cookies as
keys into the database, and we can use information from both the co
okies and the database to build custom HTML
pages for users.
Analyzing user activity
How many people who visited our Web site last month have visited th
is month?
How many people who saw our special promotional page came back when
the product was released?
These questions, and others like them can be answered much more easily u
sing cookies than without.
The basic idea is to use cookies to keep track of exactly which users vi
sit a site, and then to analyze the data to answer
specific questions.
1.Log analysis requirements
A.Setting cookies for users that identify them either uniquely, o
r as members of a group or class, e.g. residents of
France
B.Log files that contain a record of the cookie associated with a
specific HTTP request. The standard server log
files do not log cookies. But see cookietracker in the resourc
es section below.
2.Log analysis methods
Using cookies alone we cannot effectively analyze user activity, si
nce cookies in and of themselves do not store any
information on the Web server. So, even if every user who visits ou
r site has a unique cookie, unless we do something
with the cookie data we get no more than the regular server log fil
es.
Using standard log files alone is not much help either, since the s
tandard log entries do not tell us which user made each
entry, the domain name or IP number is no help since people coming
to us through proxy servers will all appear to have
the same IP number, and people who reach us from machines that have
dynamically assigned IP numbers will have a
different IP number each time they visit us.
But, if each user visiting us has a cookie that contains a unique c
ode, or a code showing what group they are part of,
and if we log that cookie, then we can analyze user activity to gai
n insight into the usage patterns of groups and/or
individuals.
This code fragment shows how we could set a cookie with a unique se
rial number for each user.
If we were to log the cookie values of each user who visited a part
icular pair of pages then we could get some idea of
how many people who visited page A also visited page B. If we combi
ned this with information from a database of user
information we might be able to determine how many people who visit
a particular part of our site ride bicycles to work,
how many drive, and so forth.
A.Using a CGI program to log cookies
As we saw above, if a browser has a cookie for us, any CGI pro
gram may access the cookie by looking in the
HTTP_COOKIE environment variable.
If for example we have been setting cookies to our users that
contain:
IDENTITY=19970117.WPI.1034
then we could have a program (it doesn't really have to be a "
CGI" program, but let's not make this more
confusing than it has to be) that is executed whenever a parti
cular page is requested, and this program could log
to a file the date and time and the "IDENTITY" that the cookie
contains.
To execute the program we would include the following in a ser
ver-parsed HTML page:
<!--#exec cgi=/cgi-bin/cookielog.pl -->
The program itself would contain something like this.
Now every time the server-side include is parsed, our program
will add to a log file that looks something like this:
Tue Jan 14 18:13:07 1997 19970111.WPI.1034
Tue Jan 14 18:23:37 1997 19961123.WPI.0023
Wed Jan 15 18:13:01 1997 19970111.WPI.1034
Wed Jan 15 19:13:11 1997 19970112.WPI.1348
This shows that user "19970111.WPI.1034" visited the target pa
ge twice, once on Tuesday and once on
Wednesday.
B.Adding cookies to standard log files
The standard Web server log file looks like this:
108.isp.se - - [14/Jan/1997:18:35:12 -0800] "GET /page1.html HTTP/1.0" 2
00 1169
acme.int - - [14/Jan/1997:18:35:12 -0800] "GET / HTTP/1.0" 200 718
proxy.aol.com - - [14/Jan/1997:18:35:13 -0800] "GET /page1.html HTTP/1.0
" 200 646
acme.int - - [14/Jan/1997:18:35:19 -0800] "GET /page1.html HTTP/1.0" 200
1169
acme.int - - [14/Jan/1997:18:35:19 -0800] "GET /gray.gif HTTP/1.0" 200 2
33
acme.int - - [14/Jan/1997:18:35:19 -0800] "GET /icon.gif HTTP/1.0" 200 1
450
foobar.net - - [14/Jan/1997:18:35:19 -0800] "GET /glossary.html HTTP/1.0
" 200 -
proxy.aol.com - - [14/Jan/1997:18:35:24 -0800] "GET /page1.html HTTP/1.0
" 200 1169
foobar.net - - [14/Jan/1997:18:35:26 -0800] "GET /page1.html HTTP/1.0" 2
00 1169
Nothing in each line tells us who each user is. Now, if we wer
e able to add the value of a cookie to each line for
users who had cookies, then we could sort the log file by user
, for example.
Imagine that the log file looked something like this (note the
addition of cookie values at the end of each line):
108.isp.se - - [14/Jan/1997:18:35:12 -0800] "GET /page1.html HTTP/1.0" 2
00 1169 -
acme.int - - [14/Jan/1997:18:35:12 -0800] "GET / HTTP/1.0" 200 718 -
proxy.aol.com - - [14/Jan/1997:18:35:13 -0800] "GET /page1.html HTTP/1.0
" 200 646 1996.00007
acme.int - - [14/Jan/1997:18:35:19 -0800] "GET /page1.html HTTP/1.0" 200
1169 1997.1659
acme.int - - [14/Jan/1997:18:35:19 -0800] "GET /gray.gif HTTP/1.0" 200 2
33 1997.1659
acme.int - - [14/Jan/1997:18:35:19 -0800] "GET /icon.gif HTTP/1.0" 200 1
450 1997.1659
foobar.net - - [14/Jan/1997:18:35:19 -0800] "GET /glossary.html HTTP/1.0
" 200 - -
proxy.aol.com - - [14/Jan/1997:18:35:24 -0800] "GET /page1.html HTTP/1.0
" 200 1169 1997.1661
foobar.net - - [14/Jan/1997:18:35:26 -0800] "GET /page1.html HTTP/1.0" 2
00 1169 -
Some entries do not have cookies because the browser has not y
et accepted one from us.
We can see now that one request was from a user whose cookie w
as assigned in 1996 (1996.00007), and that
the two proxy.aol.com requests were from different users.
Today there are two main ways to produce a log file like this,
where each request has the cookie of the browser
that made it. One is to have all requests to the server go thr
ough a CGI program that creates its own log file.
This is a more involved version of the small example cited. Th
e other method is to modify the the server
software to add to the standard server log file. Our cookietra
cker is one program that takes this approach.
3.Summarizing data and building reports
Assuming we have log files that contain cookie information, how can
we summarize and report on that data? The
answer depends on just what kind of reports we are looking for. The
possibilities are vast.
One simple example would be to produce a report that shows how many
unique, cookied visitors we have had during a
given time, and who the most frequent visitor was. Such a simple re
port might look like this:
median number of hits per cookieholder : 3.00
avg. number of hits per cookieholder : 4.29
total number of cookie holders : 14354
Most obsessed with our site : 19961103.DEMO.66 with 316 hits
That report shows us that 14,354 different cookies were logged, whi
ch is probably slightly less than the number visitors.
Here is a sample of code to produce that report. Please note that i
n real life, server log files get very big, and running a
report like this on a 1 million-line log file will take a while, an
d consume a lot of memory. This script is just a conceptual
model.
Other reports might involve combining information from a log file w
ith information from a database. For example, we
might want to know, of the people who visited our "support" area, h
ow many of them are managers or decision makers
in purchasing equipment. We might have a database that stores user
profile information (anonymously, but with a
cookie as a key), and so we could pull all the log file entries for
our support page, and then check the database for each
cookie.
The code for such a report would vary a lot depending on the databa
se used, and how we want to generate the reports
-- manually, through a Web page, etc. The attached is a purely conc
eptual model, written in Perl, but intended only to
demonstrate the concepts involved.
--
m;37m※ 来源:.龙门客栈 bbs.szonline.net.[FROM: sunose.szonline.net]m
--
m;37m※ 转寄:.龙门客栈 bbs.szonline.net.[FROM: 【惠州明月湾】]m
--
日出东方,唯我不败;
天上地下,唯我独尊。
※ 来源:.BBS 荔园晨风站 bbs.szu.edu.cn.[FROM: 192.168.1.143]
[回到开始]
[上一篇][下一篇]
荔园在线首页 友情链接:深圳大学 深大招生 荔园晨风BBS S-Term软件 网络书店