[SOLVED] Cookie Problem?

drdapoo · September 1, 2007

Greetings,

Ive been trying to figure out this problem for a while and I admit im stumped. Even though im really new to php I tried to research this (google and all) but I honestly dont know what to look for and dont know where to find the solution.

Here is my code. I am trying to compare the session ID with the cookie that the session generates. The way I have it setup is that a previous page creates the session and is then redirected to another page where this code is located.

<?php

session_start();

$bob = session_id();

$john = $_COOKIE["cookiesessionID"];

if ( $bob == $john )

{

echo "yes it is alive";

}

else

{

echo "No its not!";

}

?>

When I try to execute this code the first time around the if statement is false because the cookie isnt being read. I have my session time limit set to 5 minutes so I know thats not the problem. I looked on my apache error log file and saw that its spitting out the fallowing error

PHP Notice: Undefined index: cookiesessionID

I have to reload the page for it to work properly. I'm really at a loss here, I dont know what the problem is. Any suggestions?

Jessica · September 1, 2007

The cookie for a session ID is default named PHPSESSID.

drdapoo · September 1, 2007

The cookie for a session ID is default named PHPSESSID.

Ah yes, i forgot to mention that I changed the default cookie name :-[ .

Jessica · September 1, 2007

To remove the error do:

if(isset($_COOKIE['cookiesessionID'])){
//cookie is set
}else{
//cookie is not set
}

Why it's not working if you changed the name, I can't tell. If you are using Firefox you can view what cookies are set. Do you allow cookies to be set on your browser?

Sesquipedalian · September 1, 2007

uhm.. well maybe you don't actually have a cookie like that, or you didn't change the name correctly...

why not look in firefox to see what cookies are being sent?

drdapoo · September 1, 2007

Why it's not working if you changed the name, I can't tell. If you are using Firefox you can view what cookies are set. Do you allow cookies to be set on your browser?

Yes I do. I've even gone and checked firefox to make sure its getting the cookie, which it is.

As for that snipit of code. What im trying to do is use the php server as a poor mans way of doing session timeouts. I have the session life span set to a certain time. Anytime a user interacts with my site I want it so it checks to see if the server still has the sessionID. If it dosnt then they will have to log back in/create an account.

Like I said before im by no means a pro at php programming but, from the looks of your code it is relying on the client to check to see if they time out via the client cookie. Someone could go into the cookie and change the expire values and potentially stay on for ever. I don't want that.

Jessica · September 1, 2007

No, all my code is doing is checking if the value is set before you try to use it. You have to put your code back into if for your session checking.

Why not just set a timestamp in the session of when they logged in, and anytime it's older than however long you want, log them out. No need to rely on any cookie values at all.

drdapoo · September 1, 2007

Ok I figured out the problem

So I access the first web page which contains the fallowing code

<?php

session_start();

header('Location: http://www.dsfdsafsadfsadfsdf.com/session_test.php');

?>

</body></html>

That jumps me to the code I originally posted up top.

So I went back and checked my cookies again and it turns out the session isnt being carried over from page hearder to page check my sessionID. The session check page is generating a completely new session. When I look at my cookie I have 2 completely different sessionID's.

So question, I though sessions carry over as long as the browser doesn't close?

Jessica · September 1, 2007

IIRC, Sessions are only on the sub-domain. So http://www.site.com and http://site.com will have different sessions.

Also, session_start() needs to be BEFORE any HTML or any output or headers.

drdapoo · September 1, 2007

IIRC, Sessions are only on the sub-domain. So http://www.site.com and http://site.com will have different sessions.

Also, session_start() needs to be BEFORE any HTML or any output or headers.

Thats exactly whats going on. One variable has the http://www.site.com and the other just has http://site.com.

Jessica · September 1, 2007

So there is your problem.

Technically, www is not needed. I always make my sites use only http://site.com. You can use htaccess to do that. I also use a BASE_URL constant so I don't have to keep typing it in.

drdapoo · September 1, 2007

So there is your problem.

Technically, www is not needed. I always make my sites use only http://site.com. You can use htaccess to do that. I also use a BASE_URL constant so I don't have to keep typing it in.

LOL what..... ???. I don't have the slightest idea how to implement any of that. Well I guess thats why google was invented huh?

Thanks!

Jessica · September 1, 2007

yep.

Sign In

[SOLVED] Cookie Problem?

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information