I can set the cookie like this:
$cookie = array(
'name' => 'token',
'value' => $some_value,
'expire' => '86500',
'domain' => '192.168.1.11',
'path' => '/appfolder',
'prefix' => '',
'secure' => TRUE
);
$this->input->set_cookie($cookie);
it's there (I can see in Firefox settings).
But i can't read it. This is the code in my controller:
$this->load->helper('cookie');
$token = get_cookie('token', false); //Same if TRUE
//$this->input->cookie('cookie_name', TRUE); //also does not work
var_dump($token);
var_dump outputs bool(false).
First check your config.php cookie settings.If they are set wrong, cookies won't work
On the other hand, CI built in function has some problem which writes the cookie. you can change it by this way:
use setcookie function to set cookie setcookie($name,$value,$expire,$path);
and getting it back through $this->input->cookie('user',TRUE);
Have a look here http://ellislab.com/codeigniter/user-guide/libraries/input.html
setcookie ( 'token' , $some_value , 86500, '/appfolder' , '192.168.1.11', FALSE );
Related
I'm using method setCookie to set login session on a website with Captcha, but method $page->cookies($url) doesn't return added cookie. How should cookies be set in PHP Puppeteer?
$page = $browser->newPage();
$page->setCookie([
'name' => 'login',
'value' => '***',
'domain' => 'www.domain.com',
'expires' => 0
]);
$page->setDefaultTimeout(20000);
$page->goto($url, ['waitUntil' => 'networkidle0']); // networkidle0
printf("url: %s\n", print_r($page->url(), true));
printf("cookies: %s\n", print_r($page->cookies($url), true));
I have a fully working setcookie() php function running using these params...
<?php
setcookie(
'_siteauth',
Crypt::encrypt(site()->password),
time() + 86400,
'/',
);
?>
The code above sets a cookie everytime with no issues!
But as soon as I attempt to use samesite option the cookie never sets... which is a problem.
I am not running this in a iFrame. I am testing this locally using dockers wordpress image, which I cant see being a problem.
At first after all the online reading, I thought it might be a PHP version conflict, but it failed to work in either tests pre/post PHP version 7.3.0.
After reading https://www.php.net/manual/en/function.setcookie.php
...it says options can be set as associative array including expires, path, domain, secure, httponly and samesite, but everytime I try this php setcookie method it does not set.
This is my locally dumped $_SERVER['HTTP_HOST'] result...
demo.local.mydomain.com
Here are all my local tested code attempts, using $_SERVER['HTTP_HOST'] for domain...
<?php
setcookie(
'_siteauth',
Crypt::encrypt(site()->password),
[
'expires' => time() + 86400,
'path' => '/',
'domain' => $_SERVER['HTTP_HOST'],
'samesite' => 'None',
'secure' => false,
'httponly' => false
]
);
?>
<?php
setcookie(
'_siteauth',
Crypt::encrypt(site()->password),
time() + 86400,
'/; SameSite=none'
);
?>
<?php
setcookie(
'_siteauth',
Crypt::encrypt(site()->password),
[
'expires' => time() + 86400,
'path' => '/',
'domain' => $_SERVER['HTTP_HOST'],
'secure' => false,
'httponly' => false,
'samesite' => 'None'
]
);
?>
And none of these code examples save the _siteauth cookie when executed.
I've tried every variation of php version setcookie() including the samesite key and value but no cookie is saved.
The reason I am changing my previous setcookie() script is because there was a change early in 2020 in chrome with iframe cookie policies, defaulting to samesite Lax. So I need to force samesite None when setting my cookie.
https://web.dev/samesite-cookies-explained/
https://web.dev/samesite-cookie-recipes/
If anyone can see where I'm going wrong, help would be amazing.
When you set a cookie with SameSite=None it'll be blocked (by the browser) unless it also has Secure, which is omitted/set to false in the code snippets.
setcookie(
'_siteauth',
Crypt::encrypt(site()->password),
[
'expires' => time() + 86400,
'path' => '/',
'domain' => $_SERVER['HTTP_HOST'],
'samesite' => 'None',
'secure' => true,
]
);
Working with the Yii framework in the config-file session storaged is handled as follows:
'session' => array(
//'sessionName' => 'SomeSession',
'class' => 'CDbHttpSession',
'connectionID' => 'SomeConnection',
'autoCreateSessionTable' => false,
'sessionTableName' => 'SomeTable',
'autoStart' => 'false',
'cookieMode' => 'only',
'useTransparentSessionID' => false,
'timeout' => CSESSIONTIMEOUT,
'cookieParams' => array(
'path' => '/',
'domain' => '.somedomain.extension',
'expire' => time()+5256000,
'lifetime' => time()+5256000,
//'httpOnly' => true,
),
),
So as you see sessions are stored in a table in a database with a given lifetime. But if I check the stored sessions in the database they are not stored with the given lifetime they are stored with a lifetime of a year.
The only thing I can find in our application that has a lifetime of a year are the cookies. For example like this:
setcookie("cookie_name", $someValue, time()+31536000, "/", "somedomain");
What is confusing for me are the cookies in our application. Could it be possible that this overrides the Yii session storage config?
UPDATE
I also came across this line of code
$_SESSION['POLL_'.$idPoll.'somekey'] = strtotime("now");
And that line of code inserted a session record in the database. But that record also has an lifetime of a year. How is this possible?
You need to add timeout param to config like this:
'session' => array(
'class' => 'CDbHttpSession',
'timeout' => 5256000,
// ...
Try Cookies Like this : -
if (isset($_POST['remember'])) {
$cookieUsername = new CHttpCookie('phoenix_admin_username', $_POST['LoginForm']['username']);
$cookiePassword = new CHttpCookie('phoenix_admin_password', base64_encode($_POST['LoginForm']['password']));
$cookieUsername->expire = time() + 604800;
$cookiePassword->expire = time() + 604800;
Yii::app()->request->cookies['phoenix_admin_username'] = $cookieUsername;
Yii::app()->request->cookies['phoenix_admin_password'] = $cookiePassword;
}
////////////Check like this//////////////
if(isset(Yii::app()->request->cookies['phoenix_admin_username'])){
$model->username = Yii::app()->request->cookies['phoenix_admin_username']->value;
$model->password = base64_decode(Yii::app()->request->cookies['phoenix_admin_password']->value);
}else{
$model->username = "";
$model->password = "";
}
Well I have created sessions but having trouble implementing cookies in my website. In config file i have set $config['sess_expire_on_close'] = TRUE; so that user's session expires on closing browser.
Now what i want is, On login if user checks remember me ... all data should be stored in a cookie so that on closing browser, user is still logged on.
function login($email, $password, $loginas) {
if ($loginas == 'user') {
$this->db->select('*');
$this->db->where('email', $email);
$this->db->where('password', $password);
$query = $this->db->get("user_info");
if ($query->num_rows() > 0) {
foreach ($query->result() as $rows) {
$newdata = array('id' => $rows->id,
'firstname' => $rows->firstname,
'lastname' => $rows->lastname,
'address' => $rows->address,
'city' => $rows->city,
'email' => $rows->email,
'phone' => $rows->phone,
'logged_in' => TRUE,
);
}
$this->session->set_userdata($newdata);
if ($rememberme == 'on') {
// create a cookie here with all data that i have put in session
}
return TRUE;
}
return FALSE;
}
}
Does creating cookie automatically creates session? or we have put these data in session manually again?
In CodeIgniter, you can use set_cookie()
$cookie = array(
'name' => 'The Cookie Name',
'value' => 'The Value',
'expire' => '86500',
'domain' => '.example.com',
'path' => '/',
'prefix' => 'myprefix_',
'secure' => TRUE
);
$this->input->set_cookie($cookie);
First of all you need to load cookie helper
$this->load->helper('cookie');
Set your cookie
$cookie = array(
'name' => "cookieName",
'value' => array('id'=>$rows->id,
'firstname'=>$rows->firstname,
'lastname'=>$rows->lastname,
'address'=>$rows->address,
'city'=>$rows->city,
'email'=>$rows->email,
'phone'=>$rows->phone,
'logged_in'=>TRUE
) ,
'expire' => '86500',
);
Just pass your array into set cookie
$this->input->set_cookie($cookie);
And you can retrieve it using
$cookie['cookieName']['id'];
Also read manual
I'm create a remote access using codeigniter curl library from here https://github.com/philsturgeon/codeigniter-curl , then using this code below to login, then I get good respons that I've logged in.
$this->load->library('curl');
$opt = array(
'COOKIEJAR' => 'curl_sess/cookie.txt',
'COOKIEFILE' => 'curl_sess/cookie.txt',
);
$array = array(
'email' => 'user#example.com',
'password' => 'somepassword'
);
echo $this->curl->simple_post('http://remoteweb.com/cek_login', $array, $opt);
Then I want to create another request that need logged in status, like :
$array = array();
echo $this->curl->simple_get('http://remoteweb.com/get_datadeposit', $array);
but I get nothing, because my login session at first request not brought in second request.How to achieve this or I missing something ... ?
Try
$this->load->library('curl');
$opt = array(
CURLOPT_COOKIEJAR => 'curl_sess/cookie.txt',
CURLOPT_RETURNTRANSFER => true
);
$array = array(
'email' => 'user#example.com',
'password' => 'somepassword'
);
echo $this->curl->simple_post('http://remoteweb.com/cek_login', $array, $opt);