Cookie doesn’t set using PHP 4, but they do using PHP5?

So yesterday when working on a client site all of the cookies stopped working. I had not changed a single thing since I had last worked on it and everything worked. I did some research for a couple hours where people wrote about cookies not setting properly. It yielded a vast amount of results, mostly pointing to how I was setting the cookie. My cookie code appeared to be perfect in structure though so I cast that aside.

setcookie("cookieName", '1' , time()+7200,'/','.levijackson.net');

The best answer I could fine over the two hours was this:

Check the cookie settings of the other browsers and if they’re set to block all or empty on exit.
If the cookies work in one browser, but not another, you will need to make sure that the other browser is letting you set cookies in the first place.
Sometimes it will look like you can create the cookie, but then it will disappear or be deleted with each page reload.

It’s also possible that because you’re setting the cookies in an iframe, that the browsers may view it as a third-party cookie and reject it unless explicitly set out in the browser preferences to allow third-party cookies.

In that case you would need a compact privacy policy (or a compact P3P header) on the pages from where you’re trying to set the cookies from.
For PHP, you would add this as your header for the page setting the cookie:
header(‘P3P:CP=”IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT”‘);

Posted on Stackoverflow

The problem?

It didn’t work for me. For one, I wasn’t using iframes and therefore had no path issues. I also came across another solution of using httpOnly cookies. This solved the problem in Chrome but not IE. I depend on expiring and resetting cookie values for a key part of the site. This didn’t have the functionality of expiring from what I could find.

I always use it as my last option, as I like to figure things out on my own, but I finally turned to Stackoverflow. A user on the site, Kip, suggested I use Web Sniffer to see how the headers were being sent. When I viewed them I at first didn’t notice anything different. I was getting the following:

<em>(PHP 4 site)</em> eventCookie=2; expires=Wed, 30-Sep-2009 02:16:37 GMT; path=/; domain=.levijackson.net <br />
<em>(PHP 5 site)</em> eventCookie=2; expires=Wed, 30 Sep 2009 05:33:37 GMT; path=/; domain=.levijackson.net <br />

The part that finally clicked with me was when the cookies expired. For the PHP 5 site the cookie expired 5:30am GMT which was the equivalent to around midnight here (at the time of testing it was around 11pm). The cookie for the PHP 4 site however was set to expire around 2am GMT which translated to 9pm. As a result the cookie was setting and immediately unsetting.

The solution:

I set the cookie to expire in 24 hours rather than just 2. This allowed for the difference in server time.

Side notes:

I still don’t know how the server changed its time, but it quite literally went from working to not working. So I can only assume the admin of the server either updated or changed a setting. Either way I gained a tool and some more knowledge of cookies so I can’t complain.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>