PHP cookies problem, works in Firefox not in other browser

Question

I\'ve a problem with setting cookies in php. I\'ve to say that I\'m not very experienced with php, so maybe is a very stupid problem.

I\'ve an ajax rating system tha

Answer 1

Are you setting the cookie on the exact same URL? If you're using $_SERVER['HTTP_HOST'] then one browser may set it for http://example.com while another may set it on http://www.example.com. If you visit the alternate version the cookie won't be set.

To quote the PHP docs:

The domain that the cookie is available. To make the cookie available on all subdomains of example.com then you'd set it to '.example.com'. The . is not required but makes it compatible with more browsers. Setting it to www.example.com will make the cookie only available in the www subdomain.

So try setting '.yoursite.com' as the domain.

Other things to try:

• $name is the only required parameter in the setcookie function - try skipping everything after $expire and see if it works.
• Try setting an $expire value a long way into the future. Maybe there is something on your computer or the server causing a time issue?
• Have you checked in your browser if the cookie is definitely being set? There should be a way to list every cookie set. Set the cookie and check your browser.

Answer 2

The IFRAME is the reason your cookies are being lost. Your PHP session id cookie is also being lost and a new session is created on each request, therefore losing track of previous state.

While P3P headers may help, client browsers can still be set to disallow third party cookies and P3P can't override that. Steve Gibson of Security Now! podcast fame repeatedly recommends to enable blocking third party cookies because it stops things like tracking cookies.

What you need to do is switch to form-based session id. PHP makes this easy by supplying the "PHPSESSID" form variable in either querystring or hidden input form variable with the value of session_id(). Or if you want to be portable, check the value of ini_get('session.name') incase the web server is configured with a custom session variable name, different than "PHPSESSID".

Answer 3

problema en cookies para ie SOLUCIONADO: problem at cookies for ie SOLVED:

Es SIMPLE, Cuando declaren la cookie y escriben en el EXPIRE: time()+60*60*24*30, cambien los 60's por 120 asi: time()+120*120*24*30. A m'i me funcion'o a la perfeccion.

Its simple, when you declare the cookie, at the expire time "time()+60*60*24*30", change los 60's by 120 so: time()+120*120*24*30. It worked for me.

Answer 4

I've had a similar problem in the past where cookies would be set by firefox but not IE if I was working with a local network server (192.168.0.102 or something like that) but when I ported it all over to the public server with a domain name it worked fine.

IE might have some kind of strange rules about cookies and domain names. Not sure if this helps in your case.

Answer 5

Check the cookie settings of the other browsers and if they're set to block all or empty on exit.

If the cookies work in one browser, but not another, you will need to make sure that the other browser is letting you set cookies in the first place.

Sometimes it will look like you can create the cookie, but then it will disappear or be deleted with each page reload.

Cookies from an iframe

It's also possible that because you're setting the cookies in an iframe, that the browsers may view it as a third-party cookie and reject it unless explicitly set out in the browser preferences to allow third-party cookies.

In that case you would need a compact privacy policy (or a compact P3P header) on the pages from where you're trying to set the cookies from.

For PHP, you would add this as your header for the page setting the cookie:

header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');