Solved

Cookies with IIS

Posted on 2004-09-03
14
647 Views
Last Modified: 2013-12-13
Does anybody knows how to make cookies work with IIS.

I have login authentication that calls a php script and it is redirect to another page.

But when it is redirect it says that the cookies is not present. The cookies is not being passed for some reason.

I believe it is IIS problem.

Does anybody know how to fix it?

thanks
0
Comment
Question by:mdiez
14 Comments
 
LVL 6

Expert Comment

by:CosminB
ID: 11979217
haven't heard of cookie problems with IIS till now. Are you sure it's not your browser. Try a different browser and see what happens.
Also chekc your code or post it here
0
 
LVL 26

Expert Comment

by:ushastry
ID: 11983639
Hi,

Check out this solution by...Diablo84

Add the following to the top of your script to display all errors that are generated while processing your script.

<?php

ini_set("error_reporting","E_ALL & ~E_NOTICE");

?>

or check this ..

http://www.experts-exchange.com/Web/Web_Languages/PHP/PHP_Windows/Q_21109968.html

Hope this helps!
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11987583
Is the redirected site in the same domain as the initial cookie?

Have you included a path in the cookie which the redirected site is not part of?

Normally, I want my cookies for the entire site. Some people use cookies for just part of a site (i.e. members areas or catalogue).

What code are you using to set the cookie?
What is the full url of the page setting the cookie?
What is the full url of the page checking the cookie?

Richard.
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 1

Expert Comment

by:Buz
ID: 11989577
Which method is used to set the cookie?
It will help if you'll post the cookie setup code here.
0
 

Author Comment

by:mdiez
ID: 11991851
Here is my authentication script:

<?php
      ob_start();
      require_once("dbconnection.php");
      
      error_reporting(0);
      $user      = $_POST['username'];
      $pass      = $_POST['password'];
      error_reporting(1);

    $sql = "SELECT * FROM users WHERE username = '$user'";
       
      // execute the sql statement
      $result = mysql_query($sql, $conn) or die(mysql_error());
      $numrows = mysql_num_rows($result);
        
      if($numrows == 0)
      {
            throwError();
      }
      else
      {
            $newArray = mysql_fetch_array($result);
            
            if($newArray['password'] != $pass)
                  throwError();
            else
                  goSuccess($user, $newArray['level'], $newArray['firstname']);
      }
      //====================
      function goSuccess($user, $level, $firstname)
      {
    setcookie('user', $user, time() + 36000, '/');
    setcookie('level', $level, time() + 36000, '/');
    setcookie('name', $firstname, time() + 36000, '/');
    header("Location: ../../../menu.php");
      }
   
      //====================
      function throwError()
      {
            $msg = urlencode("Please Try Again!");
            header("Location: ../../../index.php?action=staff&msg=$msg");
      }
?>


thansk for the help.
0
 
LVL 40

Accepted Solution

by:
Richard Quadling earned 250 total points
ID: 11994284
I would add an

ob_end_flush();

at the end of the script, just to make sure everything is being sent.

In the script where you want to see what is in the cookie, take a look at $_COOKIE.

You may NOT get a cookie back if the user has disabled cookies.

Do not rely on them as always being right.

Richard.
0
 
LVL 1

Assisted Solution

by:Buz
Buz earned 250 total points
ID: 11994328
My guess is that there is somthing wrong with setcookie.
Try to replace this code:
  setcookie('user', $user, time() + 36000, '/');
  setcookie('level', $level, time() + 36000, '/');
  setcookie('name', $firstname, time() + 36000, '/');
with this:
  $exp = strftime("%A, %d-%b-%Y %H:%M:%S", time()+36000);
  $cookiestr = sprintf ("%s=%s; expires=%s;", "user", $user, $exp);
  header ("Set-Cookie: $cookiestr");
  $cookiestr = sprintf ("%s=%s; expires=%s;", "level", $level, $exp);
  header ("Set-Cookie: $cookiestr");
  $cookiestr = sprintf ("%s=%s; expires=%s;", "name", $firstname, $exp);
  header ("Set-Cookie: $cookiestr");
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11994369
You can check the output using telnet or some other app that will allow you to see the headers.

Or you can use PHP ...

<?php

$fp = fopen('http://www.yoursite.com/yourpage.php','rt');
$aMeta = stream_get_meta_data($fp);
print_r($aMeta);
echo $http_response_header; // This is a new one on me and is in the PHP Manual.

?>

Richard.
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 11994408
Don't need the echo line as the data in it is in the $aMeta array already.

<?php

$fp = fopen('http://dev.bandvulc','rt');
$aMeta = stream_get_meta_data($fp);
print_r($aMeta);

?>

You will then see any cookies being sent to you.

Also, try checking the return value of setcookie(). It should be true. If it is not, it did not manage to add the cookie. I would also recommend ALWAYS have

error_reporting(E_ALL);

whilst working and then make sure ALL warnings,errors and notices are coded out. A notice today may become a warning tomorrow which could become an error a LOT sooner!

Richard.
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 12297728
I think that a lot of points have been raised to help in answering this as well as code to track the cookies he is having an issue with.

Split.
0
 
LVL 1

Expert Comment

by:Buz
ID: 12390545
Sounds fair to me.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question