ID: 14255
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: No Feedback
Bug Type: HTTP related
Operating System: Debian 2.2.19
PHP Version: 4.0.6
Assigned To: shiflett
New Comment:
I have a PHP script that sets a cookie as follows:
$cookie_expire = time()+3600;
$cookie_name= "loginpipoclub";
$value= "mike";
setcookie ($cookie_name, $value, $cookie_expire);
THis IS NOT WORKING anymore (I swear it did work
!). So I have finally tried to find out why the cookie is not being
set by using Telnet. The response I get in the header shows that the
cookie is expired, but I cannot understand WHY!!! THE server time
shows the correct time/date according to my system and my watch BUT THE
COOKIE IS MARKED AS DELETED (SEE SetCookie: header below) despite the
fact that I have set it to expire at time() + 3600. In fact, the
expiry date is marked to be last year.
HERE IS THE RESPONSE FROM THE SERVER USING TELNET ON PORT 80:
HTTP/1.1 200 OK
Date: Wed, 05 Feb 2003 19:40:29 GMT
Server: Apache/1.3.22 (Unix) mod_ssl/2.8.5 OpenSSL/0.9.6a PHP/4.0.6
mod_perl/1.0
X-Powered-By: PHP/4.0.6
Set-Cookie: loginpipoclub=deleted; expires=Tue, 05-Feb-02 19:40:39 GMT;
path=/;m
Transfer-Encoding: chunked
Content-Type: text/html
PLEASE, CAN ANYONE SHED SOME LIGHT ON THIS. I have been looking all
over the internet on various forums BUT i cannot get a solution to the
problem,
I am using PHP/MYSQL on a unix system in the US, which i am accessing
from telnet in spain. My browser is Internet Explorer 6.0.128
(initially i thought it was a browser issue since I had this working on
other browsers, but the telnet proof shows that it is not a browser
issue, the cookie has in fact been marked as DELETED!!!!).
regards
Mike Ferrer
Previous Comments:
------------------------------------------------------------------------
[2002-03-07 00:00:05] [EMAIL PROTECTED]
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2002-02-06 14:00:02] [EMAIL PROTECTED]
I'm changing the category to HTTP and status to feedback. I do not
think this is a bug but want to give the submitter time to respond to
my inquiry.
------------------------------------------------------------------------
[2002-02-06 12:33:40] [EMAIL PROTECTED]
Is this even a bug? It's under documentation problem. Do I need to
change something in the documentation?
------------------------------------------------------------------------
[2002-02-03 22:47:01] [EMAIL PROTECTED]
A couple of comments.
Kris, in regards to your comment on NOV-27-2001 at 1:48PM, that code
will fail because you cannot set a cookie and give a Location header in
the same HTTP response. Well, you *can*, but your cookie will not be
set. Since the server would not be able to identify the client without
the cookie, you get the unexpected behavior. This is a protocol-level
situation, but is generally *not* considered a bug in HTTP (in case you
got the feeling I was supporting that idea). Basically, PHP gives you
the freedom to specify your own headers in the HTTP response, but you
need to have a clear grasp of what they do to use them.
So, if this example was a clear illustration of the problem you've been
having, it's not a bug in PHP. You can spread that around to others who
are having the same problems.
Also, in regards to the time/date discussion, it is correct to say that
the browser uses the client time (obviously) to determine whether to
send a cookie along with subsequent HTTP requests. It is also correct
to say that the setcookie function uses the server time to set the
expiration date. However, since both are in GMT as [EMAIL PROTECTED]
explained (sorry, I don't know your name), this only matters if both
clocks are considerably out of sync or if the expiration time of the
cookie is extremely small. If this is a concern, consider using
client-side scripting to set the cookie, so that the browser itself
creates the cookie based on its own time. You can create the
client-side script itself using PHP, so that the cookie's value can
still be dynamically generated by your PHP scripts.
Hope that clears a few things up. If this didn't solve your problem,
please post another small example, and I'll try to reproduce your
environment.
------------------------------------------------------------------------
[2001-12-05 06:52:05] [EMAIL PROTECTED]
Timezones do NOT matter. All times are GMT.
>From a HTTP-response:
Set-Cookie: CookieName=CookieValue; expires=Mon, 28-Jan-02 00:47:45
GMT
So the only thing that should be noted is that the time on client and
server should be in sync for correct behaviour.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/14255
--
Edit this bug report at http://bugs.php.net/?id=14255&edit=1
