Solved

Cookies with IIS

Posted on 2004-09-03
14
649 Views
Last Modified: 2013-12-13
Does anybody knows how to make cookies work with IIS.

I have login authentication that calls a php script and it is redirect to another page.

But when it is redirect it says that the cookies is not present. The cookies is not being passed for some reason.

I believe it is IIS problem.

Does anybody know how to fix it?

thanks
0
Comment
Question by:mdiez
14 Comments
 
LVL 6

Expert Comment

by:CosminB
ID: 11979217
haven't heard of cookie problems with IIS till now. Are you sure it's not your browser. Try a different browser and see what happens.
Also chekc your code or post it here
0
 
LVL 26

Expert Comment

by:ushastry
ID: 11983639
Hi,

Check out this solution by...Diablo84

Add the following to the top of your script to display all errors that are generated while processing your script.

<?php

ini_set("error_reporting","E_ALL & ~E_NOTICE");

?>

or check this ..

http://www.experts-exchange.com/Web/Web_Languages/PHP/PHP_Windows/Q_21109968.html

Hope this helps!
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11987583
Is the redirected site in the same domain as the initial cookie?

Have you included a path in the cookie which the redirected site is not part of?

Normally, I want my cookies for the entire site. Some people use cookies for just part of a site (i.e. members areas or catalogue).

What code are you using to set the cookie?
What is the full url of the page setting the cookie?
What is the full url of the page checking the cookie?

Richard.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Expert Comment

by:Buz
ID: 11989577
Which method is used to set the cookie?
It will help if you'll post the cookie setup code here.
0
 

Author Comment

by:mdiez
ID: 11991851
Here is my authentication script:

<?php
      ob_start();
      require_once("dbconnection.php");
      
      error_reporting(0);
      $user      = $_POST['username'];
      $pass      = $_POST['password'];
      error_reporting(1);

    $sql = "SELECT * FROM users WHERE username = '$user'";
       
      // execute the sql statement
      $result = mysql_query($sql, $conn) or die(mysql_error());
      $numrows = mysql_num_rows($result);
        
      if($numrows == 0)
      {
            throwError();
      }
      else
      {
            $newArray = mysql_fetch_array($result);
            
            if($newArray['password'] != $pass)
                  throwError();
            else
                  goSuccess($user, $newArray['level'], $newArray['firstname']);
      }
      //====================
      function goSuccess($user, $level, $firstname)
      {
    setcookie('user', $user, time() + 36000, '/');
    setcookie('level', $level, time() + 36000, '/');
    setcookie('name', $firstname, time() + 36000, '/');
    header("Location: ../../../menu.php");
      }
   
      //====================
      function throwError()
      {
            $msg = urlencode("Please Try Again!");
            header("Location: ../../../index.php?action=staff&msg=$msg");
      }
?>


thansk for the help.
0
 
LVL 40

Accepted Solution

by:
Richard Quadling earned 250 total points
ID: 11994284
I would add an

ob_end_flush();

at the end of the script, just to make sure everything is being sent.

In the script where you want to see what is in the cookie, take a look at $_COOKIE.

You may NOT get a cookie back if the user has disabled cookies.

Do not rely on them as always being right.

Richard.
0
 
LVL 1

Assisted Solution

by:Buz
Buz earned 250 total points
ID: 11994328
My guess is that there is somthing wrong with setcookie.
Try to replace this code:
  setcookie('user', $user, time() + 36000, '/');
  setcookie('level', $level, time() + 36000, '/');
  setcookie('name', $firstname, time() + 36000, '/');
with this:
  $exp = strftime("%A, %d-%b-%Y %H:%M:%S", time()+36000);
  $cookiestr = sprintf ("%s=%s; expires=%s;", "user", $user, $exp);
  header ("Set-Cookie: $cookiestr");
  $cookiestr = sprintf ("%s=%s; expires=%s;", "level", $level, $exp);
  header ("Set-Cookie: $cookiestr");
  $cookiestr = sprintf ("%s=%s; expires=%s;", "name", $firstname, $exp);
  header ("Set-Cookie: $cookiestr");
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11994369
You can check the output using telnet or some other app that will allow you to see the headers.

Or you can use PHP ...

<?php

$fp = fopen('http://www.yoursite.com/yourpage.php','rt');
$aMeta = stream_get_meta_data($fp);
print_r($aMeta);
echo $http_response_header; // This is a new one on me and is in the PHP Manual.

?>

Richard.
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11994408
Don't need the echo line as the data in it is in the $aMeta array already.

<?php

$fp = fopen('http://dev.bandvulc','rt');
$aMeta = stream_get_meta_data($fp);
print_r($aMeta);

?>

You will then see any cookies being sent to you.

Also, try checking the return value of setcookie(). It should be true. If it is not, it did not manage to add the cookie. I would also recommend ALWAYS have

error_reporting(E_ALL);

whilst working and then make sure ALL warnings,errors and notices are coded out. A notice today may become a warning tomorrow which could become an error a LOT sooner!

Richard.
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 12297728
I think that a lot of points have been raised to help in answering this as well as code to track the cookies he is having an issue with.

Split.
0
 
LVL 1

Expert Comment

by:Buz
ID: 12390545
Sounds fair to me.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question