Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

storing data on an "anonymous" user

Tags:

php

symfony

doctrine-orm

I'm currently working on developing a Symfony2 app that will not only accept user registrations, but will allow visitors to go through almost the entire flow of the site without creating an account or logging in. Design ideas look something like this (suggestions/improvements welcome):

  1. When a user logs in to their account, data will be persisted to the user/related entities as normal
  2. When an anonymous user hits the site for the first time, an "anonymous user entity" is created for them as if they'd registered, but with something like USER_<session_id> as an identifier instead of a personalized username. Any activity they perform on the site is persisted to this anonymous user entity
  3. When an anonymous user chooses to register, their anonymous user entity is upgraded to a registered user entity, preserving their data for future use
  4. If an anonymous user leaves the site without registering, the anonymous user entity should be cleared after a while to prevent buildup of dead data

What's the best way to go about this? Specifically, what is considered "best practice" for creating/manipulating a User entity for an anonymous user without having to place code into every controller?

like image 376
Derek Stobbe Avatar asked May 11 '11 16:05

Derek Stobbe

People also ask

How do you anonymize personal data?

Data anonymization is done by creating a mirror image of a database and implementing alteration strategies, such as character shuffling, encryption, term, or character substitution. For example, a value character may be replaced by a symbol such as “*” or “x.” It makes identification or reverse engineering difficult.

Is Data masking the same as Anonymization?

Data Masking vs AnonymizationData masking adds another layer of security to data anonymization by masking certain pieces of data and only showing the most relevant pieces of data to data handlers who are explicitly authorized to see those specific pieces of relevant data.

What is anonymous data collection?

When data is collected and held anonymously, it indicates that there are no identifying values that can link the information to the participant; not even the researcher could identify a specific participant.

What does anonymous user mean?

An anonymous login is a process that allows a user to login to a website anonymously, often by using "anonymous" as the username. In this case, the login password can be any text, but it is typically a user's email address.

1 Answers

I would advise against using the IP address for this, as it could cause problems for users behind a NAT. Using a custom cookie, or the sessionId (PHPSESSID) cookie as an identifier for tracking purposes would be a better idea. Google uses this strategy for its ads business. Stand on the shoulders of giants!

like image 60
emilecantin Avatar answered Sep 29 '22 21:09

emilecantin
Sign in to Comment

Related questions

How to create a button and its event handler in PHP?
How to post to Facebookpage as admin via API (Php SDK)?
How can I in PHP re-create my Database (for Unit Testing for example)
How do I enable XAMPP to locally use the php's mail() function so I can test my mail() scripts locally without having to upload to my server?
Best approach for (cross-platform) real-time data streaming in PHP?
PHP associative arrays - how to treat integer as string
AJAX - What content type should have JSON encoded data? [duplicate]
CSS: Set font to a size so the text would occupy whole container [duplicate]
PHP - cropping image with imagecopyresampled()?
Should 1-time use data like verification code to be stored in the same table
Handling innoDB deadlock
Use php to trigger another php script, then ignore
Zend Framework: when to use placeholders, partials, and just plain assigning to view properties?
Is it bad using $_SESSION['id'] in queries?
Running PHP from command line
Best way to parse a text document
Overriding a Magento Action
What are the pros and cons of output buffering?
How to use Locale::acceptFromHttp without a filter list?
Why is php rename() corrupting my file?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!