php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #9802 header() doen't work together with setcookie()
Submitted: 2001-03-16 22:04 UTC Modified: 2001-12-02 04:34 UTC
From: fabio dot ottolini at uol dot com dot br Assigned:
Status: Closed Package: IIS related
PHP Version: 4.0.4pl1 OS: Windows NT 4.0
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2001-03-16 22:04 UTC] fabio dot ottolini at uol dot com dot br 
<?php
header("Pragma: no-cache");
header("Cache-Control: no-cache, must-revalidate");
if(empty($check)) {
$page = "index.php?check=1";
header("Location: $page");
setcookie("testcookie", "1");
}
else {
if(empty($testcookie)) {   
echo ("<font face=arial size=4 color=red>Problem detected!</font><br><br>" .
"<b>Your browser does not support cookies!</b><br><br>" .
"<img src=\"imgs/bullet-info-az.gif\" width=15 height=15 align=absmiddle> " .
"<font size=2>Enable cookies and try again.</font>");
die;
}
else {
$page = "login.php";
header("Location: $page");
}
}
?>

If I use this script with Apache running on any OS (Solaris/RH/Windows 98/ME/NT) it works fine. But if I use the same script with IIS it simply doesn't send the cookie! I receive no error message at all but the cookie is never sent (I have even tested it with Nestcape running on the same machine of IIS server with the warn if cookies are sent checked). The only workaround I have found was to substitute the header function for a meta-tag refresh. Can you please verify that?
Up the Power Trio!

BR,

F?bio Ottolini

P.S.: I'm only using IIS to host the application because it's a corporate enviroment; I have no choice at all.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-11-11 12:07 UTC] sander@php.net 
Can you upgrade to the latest version of PHP? Does this problem still exist?
 [2001-12-02 04:34 UTC] sander@php.net 
No feedback. Closing.
 [2003-07-29 09:43 UTC] tomasz at biznespolska dot pl 
Still, it doesn't work on version 4.3.2
 [2004-06-12 22:33 UTC] jblackmon at hotmail dot com 
I'm experiencing a very similar problem.

Php v 4.3.4
win 2000 pro IIS

It was working intermitantly. Couldn't figure out what would make it work and wouldn't. Tried putting it as the first line with no if statements, tried it without cancelling out the old cookie. I'm a newb so i thought it might be a problem with my source. It's included incase i'm doing the same thing.

<?php
// KILL THE COOKIES
// if (isset($_COOKIE['cookieid']))
// {
// setcookie('cookieid', '');
// }

// MAKES ARGUMENTS FOR LOGIN ATTEMPTS
if (isset($_POST['submit']))
{
 // CONNECT TO MYSQL DB
 require_once('../LocalS/mysql_connect.php');
 // FUNCTION FOR ADDING ESCAPE CHARACTERS
 function escape_data($data)
 {
  global $dbc;
  if(ini_get('magic_quotes_gpc'))
  {
   $data=stripslashes($data);
  }
  return mysql_real_escape_string($data,$dbc);
 }
 $u=$_POST['login'];
 $p=$_POST['password'];

 // RUN QUERY VERIFY USER NAME AND PASSWORD
 $query = "SELECT userid_prikey FROM userid WHERE (userid_login='$u' AND userid_password=PASSWORD('$p'))";
 $result=@mysql_query($query);
 $num=mysql_num_rows($result);

 if ($num==1)
 {
  $row=mysql_fetch_array($result);
  $createcookie=time().$row[0];
  $query = "UPDATE userid SET userid_session_id=$createcookie WHERE userid_prikey=$row[0]";
  $result = @mysql_query($query);
  if(mysql_affected_rows()==1)
  {
   setcookie('cookieid', $createcookie, time()+300);
   header('Location: http://(names changed to protect the innocent)/mm.php'); 
   mysql_close();
   exit();
  }
  else
  {
   echo 'There was a system error.'.mysql_error();
  }
 }
 else // RUN IF PASSWORD DOESN'T MATCH
 {
//  setcookie('cookieid', '');
  echo('<font color="red">Wrong username or password. Please try again.</font>');
 }
}
?>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 25 09:01:29 2024 UTC