Cookies are not found when page without www prefix is loaded

I just noticed a big problem with my site.

When a user visits my page, www.<something>.com and signs in, I have coded the cookies so that the path is "/".  So the cookies work fine through all the pages. But, there's a section of my site that switches to just <something>.com (www is removed) so now the cookies are not even there cause they belong to www.<something>.com.

I have no idea why that particular section switches but I need to figure out how to assign the cookies to both www. and without if that's even possible.

 I don't know if there's a better/different solution so please let me know.

Thanks.

------------------------------------------------------------

code snippet of signin.php
~~~~~~~~~~~~~~~~~

if(isset($_REQUEST["chk_remember"]) == "yes"){
     $cookie_life = time() + 31536000;
}else{
     $cookie_life = 0;
}
setcookie('ows_userID', $var_userID, $cookie_life, '/');                  
setcookie('ows_password', $var_password, $cookie_life, '/');                  
setcookie('ows_validated', 'yes', 0, '/');                  
header("Location: signin2.php");
LVL 2
bloodtrainAsked:
Who is Participating?
 
Diablo84Commented:
you need to include the domain parameter in the setcookie function and specify it as

.domain.com

(notice the initial dot) so it is available across all subdomains
0
 
hernst42Commented:
$domain = '<something>.com';

setcookie('ows_userID', $var_userID, $cookie_life, '/', $domain);              
setcookie('ows_password', $var_password, $cookie_life, '/', $domain);              
setcookie('ows_validated', 'yes', 0, '/', $domain);              

So the cookiea are available even if the uses uses www or not

see http://de3.php.net/manual/en/function.setcookie.php for detailed option to set via setcookie
0
 
bloodtrainAuthor Commented:
ok, well, I realized why that particular section of mine was losing the www prefix so my problem is solved. But I would still like to know if you can share the same cookie between www and no www..  

Thanks guys / gals!
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

 
Diablo84Commented:
reference: http://www.php.net/manual/en/function.setcookie.php

and quote regarding my above comment:

 To make the cookie available on all subdomains of example.com then you'd set it to '.example.com'. The . is not required but makes it compatible with more browsers. Setting it to www.example.com  will make the cookie only available in the www  subdomain. Refer to tail matching in the spec for details.

0
 
Diablo84Commented:
example

setcookie('ows_userID', $var_userID, $cookie_life, '/','.yourdomain.com');        
0
 
bloodtrainAuthor Commented:
You guys are too quick..

Diabo84, I will try you method first since you did post first..


Thanks both of you..
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.