Page 1 of 3 123 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2010
    Posts
    95
    Rep Power
    0

    Question Unable to set Cookies on Live Domain on IE on a Specific Situation


    I have a project hosted on a live server has a domain like: www.abc.com

    On live domain:
    I am unable to set cookies in IE (7, 8, 9, 10) - as it is explained in the code below - (cookies are enabled on the IE browser), but able to set cookies in Firefox, Chrome, Opera and Safari without any problem. The server time is correct (current time of Jordan)

    On localhost:
    Cookies are working perfect on all browsers!

    My code explained exactly as below:

    In the page: "localhost/test.php", I put the below code to read the content of show.php which resides in the live server:

    PHP Code:
     foreach (file('http://abc.com/api/show.php') as $o) echo $o 

    In the page http://abc.com/api/show.php:

    Code:
     function hookscript(url){
            var s = document.createElement("script");
            s.type = "text/javascript";
            s.src = url || null;
            document.getElementsByTagName("head")[0].appendChild(s);
        }
    
    hookscript('http://abc.com/aj/ajax.php?part=1');



    In the page http://abc.com/aj/ajax.php:

    Code:
     
        function hookscript(url){
            var s = document.createElement("script");
            s.type = "text/javascript";
            s.src = url || null;
            document.getElementsByTagName("head")[0].appendChild(s);
        }
    
        <?php
        $part = $_GET['part'];
        ?>
    
        <?php
        if($part==1){
        ?>
    
            <?php setcookie('test',time(),time()+3600) ?>
            hookscript('http://abc.com/aj/ajax.php?part=2');
    
        <?php
        }
    
        if($part==2){
            if(isset($_COOKIE['test'])){
        ?>
                alert('Cookies SET');
            <?php
            }
            else{
            ?>
                alert('Cookies NOT SET'); // WHY!
    
        <?php
            }
        }
        ?>
    Would appreciate your hints! Thank you!
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    189
    Rep Power
    0
    Sorry - but it is very difficult to read your script as it is. Why are you going into and out of PHP mode on every line? I can't see why, but as I said it is difficult to read because of that.

    Clean up the script and only exit php when you have to, then re-post.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2010
    Posts
    95
    Rep Power
    0
    Originally Posted by jimmyg999
    Sorry - but it is very difficult to read your script as it is. Why are you going into and out of PHP mode on every line? I can't see why, but as I said it is difficult to read because of that.

    Clean up the script and only exit php when you have to, then re-post.
    Thanks for your response and sorry I was editing and got something urgent. I have completed now, opening and closing PHP tags to enable execution of Javascript. I hope it is OK? Appreciate your hints about the solution.
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    There's no such thing as $_COOKIES, so either this is not the actual code, or the code never worked for any browser.

    Either way, you need to get familiar with the developer tools of your browser. Press F12 in Chrome and go the the Network tab. When you click on the main script, you get the exact response headers. Is there a Set-Cookie header? What does it say?
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    189
    Rep Power
    0
    So where is the new cleaned up code?
  10. #6
  11. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    You don't need the code at all. When you wanna test something, you need a minimal example that only covers this particular functionality:

    PHP Code:
    <?php

    setcookie
    ('test''testvalue'time() + 3600);
    Your code, on the other hand, is stuffed with irrelevant functionalities. There are 100 ways for the code to fail before it even reaches the cookie check. This isn't very helpful for testing.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  12. #7
  13. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2010
    Posts
    95
    Rep Power
    0
    Originally Posted by Jacques1
    There's no such thing as $_COOKIES, so either this is not the actual code, or the code never worked for any browser.

    Either way, you need to get familiar with the developer tools of your browser. Press F12 in Chrome and go the the Network tab. When you click on the main script, you get the exact response headers. Is there a Set-Cookie header? What does it say?
    Sorry it was typing mistake, I have edited it.
  14. #8
  15. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2010
    Posts
    95
    Rep Power
    0
    Originally Posted by Jacques1
    You don't need the code at all. When you wanna test something, you need a minimal example that only covers this particular functionality:

    PHP Code:
    <?php

    setcookie
    ('test''testvalue'time() + 3600);
    Your code, on the other hand, is stuffed with irrelevant functionalities. There are 100 ways for the code to fail before it even reaches the cookie check. This isn't very helpful for testing.
    I am checking through IE but couldn't find useful tool to test the cookies if it is OK. Could you please suggest me to get this code working in IE? Would appreciate that! Thank you!
  16. #9
  17. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    My question about the response header wasn't a joke. I ask you for that information.

    I understand that you think you have a problem with IE. But before you jump into browser tests, you first need to make sure that the sever does the right thing.

    Remember your last thread? You also thought it was a browser issue. But in fact it turned out that your server clock was wrong.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    189
    Rep Power
    0
    I'm going to suggest turning on error checking.
    Also - how are you checking if the cookie exists? Without the domain parameter you will only see it in the same folder as it was issued from I believe.
  20. #11
  21. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2010
    Posts
    95
    Rep Power
    0
    Originally Posted by jimmyg999
    I'm going to suggest turning on error checking.
    Also - how are you checking if the cookie exists? Without the domain parameter you will only see it in the same folder as it was issued from I believe.
    No errors found! The code is working on 4 browsers except IE I tried added domain parameter like: setcookie('test', time(), time()+3600, '/', '.domain.com') without any luck
  22. #12
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    189
    Rep Power
    0
    You added ".domain.com". Is that the right form? Why the leading period?
  24. #13
  25. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    So you not gonna check the response headers? Well, then good luck groping in the dark.

    All I can tell you is that I've been doing this for a while, and the first thing I've learned is that you should never rely on one quick assumption.

    Just because different browsers behave differently does not mean it's a browser issue. It may also be the case that the server already sends faulty data, but the browsers are more or less error-tolerant. So don't be so quick to say "It's an IE issue!". Maybe it is, maybe it's not. The only way to find out is to actually check the headers.

    You should have learned that from your previous thread. But now you make the same mistake again.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  26. #14
  27. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2010
    Posts
    95
    Rep Power
    0
    Originally Posted by Jacques1
    So you not gonna check the response headers? Well, then good luck groping in the dark.

    All I can tell you is that I've been doing this for a while, and the first thing I've learned is that you should never rely on one quick assumption.

    Just because different browsers behave differently does not mean it's a browser issue. It may also be the case that the server already sends faulty data, but the browsers are more or less error-tolerant. So don't be so quick to say "It's an IE issue!". Maybe it is, maybe it's not. The only way to find out is to actually check the headers.

    You should have learned that from your previous thread. But now you make the same mistake again.
    How to check the headers?
  28. #15
  29. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
Page 1 of 3 123 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo