php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #16056 Please use reception of *any* cookie to signal PHP that cookies are enabled
Submitted: 2002-03-14 02:14 UTC Modified: 2002-03-14 05:17 UTC
From: mattr at ugcs dot caltech dot edu Assigned:
Status: Not a bug Package: Feature/Change Request
PHP Version: 4.1.2 OS: Windows 2000
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2002-03-14 02:14 UTC] mattr at ugcs dot caltech dot edu 
This is just a simple request. When you visit a PHP site using sessions, on the first page view the PHPSESSID appears in all URLs, because at that point PHP supposedly does not know whether cookies are enabled. However, if the site had, on an earlier visit, set a long-term cookie (with some dummy value), then now on my first page-view of a session, the PHP site should be able to know that cookies are enabled, since this one long-term cookie would have been sent.

Currently, PHP doesn't allow this -- it only checks for the PHPSESSID cookie. I think it would be an easy change, and make many people happy, to simply have it check whether any cookie was received by the server, and if so then take that as a sign that cookies are enabled and thus don't modify the links on the page. Perhaps this could be an option in the php.ini if you were worried it is not safe enough.

Thanks for your time,
Matt

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-03-14 02:15 UTC] mattr at ugcs dot caltech dot edu 
fixed my email address.
 [2002-03-14 05:17 UTC] hholzgra@php.net 
users can accept and reject cookies at will
even if the browser has cookie support enabled
(eg. Netscape "ask me before accepting a cookie" setting)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri May 17 05:01:31 2024 UTC