PHP not reading cookie although I can see in browser.
//i set cookie in localhost/site/classes/php/user
setcookie("liu", $result[0]['user_id'], time() + 60 * 60 * 24 * 30, "/");
//trying to access it in localhost/site/index.php
$loggedInUser = $_COOKIE['liu'];
If you're running on localhost, you should explicitly set the cookie domain to false.
You could try:
setcookie("liu", $result[0]['user_id'], time() + 60 * 60 * 24 * 30, "/", false);
Have a further look here: Cookies on localhost with explicit domain
You cannot read a cookie you have set in the code above.
Cookies are sent with the headers to the browser.
PHP will be able to read the cookie only after the user navigates to the next page or you redirect him to a new page.
PHP will be able to read the cookie then because the browser will send it back via headers.
Read this: http://uk1.php.net/manual/en/function.setcookie.php
Common Pitfalls:
Cookies will not become visible until the next loading of a page that the cookie should be visible for. To test if a cookie was successfully set, check for the cookie on a next loading page before the cookie expires.
Expire time is set via the expire parameter. A nice way to debug the existence of cookies is by simply calling print_r($_COOKIE);
We verify that we are not working in local, if we are in local we put the value of false in the variable $domain. If not, we pass the domain where the web is hosted.
$domain = ($_SERVER['HTTP_HOST'] != 'localhost') ? $_SERVER['HTTP_HOST'] : false;
setcookie( 'liu', $result[0]['user_id'], time() + 60 * 60 * 24 * 30, '/', $domain );
Related
I have a function that sets cookies; in this function I use PHP's setcookie function in order to set cookies, for example:
setcookie('auth', $token, time() + 3600);
The function I'm using setcookie in is as follows:
function SetAuthenticationCookie($id, $rememberme) {
$token = md5(uniqid(mt_rand(), true));
executeNonUserQuery([db query]);
if ($rememberme) {
setcookie('auth', $token, time() + (86400 * 90));
setcookie('profid', $id, time() + (86400 * 90));
}
else
{
setcookie('auth', $token, time() + 3600);
setcookie('profid', $id, time() + 3600);
}
}
The above cookie should be valid for one hour, and appears this way in the browser (see below screenshot).
In the browser the cookies show before it redirects (the page is dynamic), therefore the cookies are being set. However they disappear when the page redirects. This causes a problem because the main UI page (where the login page redirects) checks for the presence of the authentication cookies and redirects back to the login page if they don't exist.
I followed the official documentation for setcookie and am unable to see what the problem is. Chrome reports that the cookie path is /internal therefore it's a possibility that the actual page can't access them (the page path is /pages), but this still doesn't explain why they disappear completely from Chrome.
The cookie is set to expire in an hour after it is set, but this doesn't explain the disappearance of the cookies unless I'm missing something crucial in setcookie concerning the setting of the expiration time. I experience the same issue in other browsers, so it has to be something that I've done wrong or missed.
I confirm that I have nothing that unsets or expires the cookies (I haven't implemented that yet). I've tried setting the path to / but this doesn't fix the problem.
What am I doing wrong, and how can I fix it?
I'm aware of the security issues here, my priority is to fix this problem first.
This issue was caused by two factors:
The cookie path
PHP's timezone
As mentioned in the question I had already tried setting the cookie path to / with no effect. However I did not consider PHP's timezone, which was set to UTC.
Setting the timezone to the correct Europe/Guernsey plus setting the cookie path to / (root) fixed the issue.
Ok, add a path and make it available to the whole website rather than just the folder the first script is in
setcookie('auth', $token, time() + 3600, '/');
This question already has answers here:
Why are my cookies not setting?
(10 answers)
Closed 7 years ago.
Since a few weeks, I notice that my website doesn't save cookie anymore.
If I refresh a few times this page:
<?php
print_r($_COOKIE);
setcookie('Test', 'Blah', time() + 3600 * 24 * 365, '/');
print_r($_COOKIE);
?>
cookies should be there! But I get:
Array ( ) Array ( )
Is there a common way to debug this?
Note: it's not a duplicate from this question, its answers didn't solve the problem.
$_COOKIE contains the cookies that the browser sent in the current request.
setcookie puts an instruction in the response that tells the browser to store a cookie.
The browser won't send that cookie back to the server until the next request.
If you want to test if a cookie is set you can:
Look at the response headers in your browser's developer tools
Add some JavaScript to the response body that will examine document.cookie
Make a new HTTP request and use server side code to see if it includes the cookie
Set where you want the cookie to be accessible,
setcookie('Test', 'Blah', time() + 3600 * 24 * 365 * 10, "/");
/ means that it is available everywhere on the domain.
Path
The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current directory that the cookie is being set in.
Try refresh the page as it doesn't show until next request.
Reading Material
setcookie
try not to save it for 10 years . 1 year is already enough i belive
setcookie('Test', 'Blah', time() + 3600 * 24 * 365, "/");
Hi guys this is abit similer to a question that i posted earlier. but now i have found the problem which lies behind it...when i set a cookie using my script known as cookieset.php
setcookie("atid", 1234, time() + 60 * 60 * 24 * 365, "/", ".mydomain.com");
and it is shown in the browser
Name atid
Content 1234
domain mydomain.com
in another instance i set a cookie in this way
setcookie('atid', '1234', time() + 60 * 60 * 24 * 365, "/", "localhost");
and it is shown in the browser
Name atid
Content 1234
domain localhost
but when i try to retrieve it like this from another script
echo 'value is: ' . $_COOKIE['atid'];
the correct value is shown only when i create the cookie by giving the domain name as localhost, but when i give, my specific domain name $_COOKIE['atid']; does not detect the cookie but gives the error
undefnied index: atid in.........
can anybody help me to detect the cookie on my domain name
Cookies are stored on client side i.e. on the browser. Also cookies are domain specific, and sub-domains can access the cookies of parent domain.
e.g.: if you have created a cookie for domain test.com then www.test.com, demo.test.com etc can access that cookie.
The reason you're unable to access the cookie with the your domain name is because, probably you have created the cookie using localhost i.e. your second code
setcookie('atid', '1234', time() + 60 * 60 * 24 * 365, "/", "localhost"); and trying to access it from your domain name. remove localhost from above code and then try to access it from your domain name.
use this code:
setcookie('atid', '1234', time() + 60 * 60 * 24 * 365, "/");
Let me know if the issue still persist.
print_r($_COOKIE) returns an array with only the session cookie and it's value, that is
Array ( [PHPSESSID] => 0cfbom6llfl3ho93n7bljnns14 )
However, I did set other cookies. I checked the browser and they do exist. I did the setting like this:
setcookie("cookie_name",$myvar,
time() + (20 * 365 * 24 * 60 * 60),
"/", "mydomain.com",
true, true
);
The browser shows the cookie name as cookie_name and the value as the value of $myvar so apparently there's no problem in the setting of the cookie.
Looking at both cookies side-by-side on the browser the only difference is that the session cookie's domain is mydomain.com while cookie_name's domain is .mydomain.com. Is that the problem? If so, how can I solve it?
Edit: The dot wasn't the problem.
Just check this page, Vist http://www.php.net/manual/en/reserved.variables.cookies.php
The first note points out why it dose not work, only if when the browser send a request back(such as a normal page visit)
you can use Chrome inspector to check the browser's request's http head.
And i'm sorry for my poor English
The problem was that I set seucre to true and my webhost did not provide HTTPS so the cookie couldn't be accessed even server-side. Silly me.
I have a page (mypage.html) which sets a cookie as follows:
setcookie ("sessionid", md5 (uniqid (rand())));
Now, at the top of an include which displays the site header I have the following:
echo "cookie is ". $_COOKIE['sessionid'];
When I am on mypage.html, which includes the header, the echo command displays the cookie name, as it should...e.g.
cookie is 4d40102ff2d2268d907dd31debc411e2 cookie is 4d40102ff2d2268d907dd31debc411e2
But if I move aeway from the page which set the cookie, all I see is
cookie is
with no name - If I go back to mypage.html it reads it again with no problem. I have no clue how this can happen?? Any ideas?
Set an explicit path for the cookie. The default is the current directory only, so if you navigate to a script in another directory, the cookie won't be sent back by the browser.
// Cookie is valid for all paths ( / ) in the current domain
// This also has an explicit expiry time of 1 hour from the time it's set...
setcookie ("sessionid", md5 (uniqid (rand())), time() + 3600, "/");
It's a little unusual to be setting your own session cookies though, when simply initiating a session handles it for you:
session_start();
// Id is set for you...
echo session_id();