Cookies Not Working on Different Pages

Cookies not working on different pages

Which directory are you in when the cookie gets set?

From the PHP manual on setcookie(), emphasis mine:

Path

The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain . If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain . The default value is the current directory that the cookie is being set in.

PHP Cookies problem... cookie working on one page but not working on another

Are the different pages on the same domain? You should also be setting a path, I have found cases when the path was not set to '/' then it would not be accessible by default 'everywhere' on the site even though that would make sense as the default.

Try setting the path of the cookie.

Request.Cookies not working when the page was initialized by a third party website

Browsers have changed the default of cookies so they are no-longer sent by default on requests from third-party sites to prevent CSRF attacks.

Have a read of this for more details: https://web.dev/samesite-cookies-explained/

You can make this work like it used to by adding SameSite=None when setting the cookie so browsers will still include the cookie on requests from third-party sites, like it used to. However that does mean any request can be made to include the cookie (like it used to) and so make leave your application vulnerable to attacks if a malicious party while someone is logged in. So think carefully if you really want to do this, or if there’s a better way to handle this.

How to get cookies in different page?

When you store the data as JSON in the cookie, you use a method called stringify to Serialize the object. So, when you want to get the data back, you need to pass JSON.parse(<JSON String> inside your getCookie() method.

Example:

unction getCookie(cname) {
  var name = cname + "=";
  var ca = document.cookie.split(';');
  for(var i=0; i<ca.length; i++) {
      var c = ca[i];
      while (c.charAt(0)==' ') c = c.substring(1);
      if (c.indexOf(name) == 0) return JSON.parse(c.substring(name.length,c.length));
  }
  return "";
}

var x = getCookie("user");

document.getElementById("getUser").innerHTML = x.first_name;

How to set a cookie for another domain

You cannot set cookies for another domain. Allowing this would present an enormous security flaw.

You need to get b.com to set the cookie. If a.com redirect the user to b.com/setcookie.php?c=value

The setcookie script could contain the following to set the cookie and redirect to the correct page on b.com

<?php
    setcookie('a', $_GET['c']);
    header("Location: b.com/landingpage.php");
?>

How to handle multiple cookies with the same name?

From this article on SitePoint:

If multiple cookies of the same name match a given request URI, one is chosen by the browser.

The more specific the path, the higher the precedence. However precedence based on other attributes, including the domain, is unspecified, and may vary between browsers. This means that if you have set cookies of the same name against “.example.org” and “www.example.org”, you can’t be sure which one will be sent back.

Edit: this information from 2010 appears to be outdated, it seems browsers can now send multiple cookies in return, see answer by @Nate below for details

---

Related Topics