PHP :: Bug #24855 :: setcookie() doesn't work with header() function

Bug #24855	setcookie() doesn't work with header() function
Submitted:	2003-07-29 10:17 UTC	Modified:	2003-07-29 10:56 UTC
From:	tomasz at biznespolska dot pl	Assigned:
Status:	Not a bug	Package:	IIS related
PHP Version:	4.3.2	OS:	Windows NT 4.0
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2003-07-29 10:17 UTC] tomasz at biznespolska dot pl

Description:
------------
I'm using Windows NT4 with IIS4.0.
I have found that function setcookie() doesn't work (doesn't send cookie) , when header() function is called, somewhere after.

When I comment line with header() then it sends cookie to browser, but I'm not able to redirect user to another page. 

I know, I can use <meta http-equiv="refresh" content="0; url=index.php"> but this is not best soultion.

System  Windows NT WWW 4.0 build 1381  
Build Date  May 28 2003 15:06:05  
Server API  CGI/FastCGI  
Virtual Directory Support  enabled  
Configuration File (php.ini) Path  C:\WINNT40\php.ini  
PHP API  20020918  
PHP Extension  20020429  
Zend Extension  20021010  
Debug Build  no  
Thread Safety  enabled  
Registered PHP Streams  php, http, ftp, compress.zlib  


Reproduce code:
---------------
setcookie('BPKEY', "blah=blah", time()+$_CFG['cookie_lifetime'], '/', 'biznespolska.pl');
header( 'Location: index.php' );

Expected result:
----------------
It should set cookie named BPKEY, and redirect to page index.php

Actual result:
--------------
Only redirects to page index.php

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-07-29 10:54 UTC] sniper@php.net

Try this with Apache 1.3.28. And redirecting with 'Location:' needs full URL, not just the filename. e.g.

header("Location: http://www.php.net/index.php");

[2003-07-29 10:56 UTC] pollita@php.net

The problem here is actually not that PHP doesn't send the cookie (because it does).  The problem here is that IIS ignores the value which is sent.

Using the following script:

<?php 
  setcookie("foo", "bar");
  header("Location: index.html");
?>

I see the following output by PHP to IIS:

Status: 302
Content-type: text/html
X-Powered-By: PHP/4.3.2
Set-Cookie: foo=bar
Location: index.html

Then, using telnet to connect to IIS and making a request for that document I receive the response:

HTTP/1.1 302 Object Moved
Location: index.html
Server: Microsoft-IIS/4.0
Content-Type: text/html
Content-Length: 133

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="index.html">here</a></body>

As you can see, while PHP did its job of sending the cookie to IIS.  IIS chose to "optimize it out" of the communication since the browser was being redirected.

My suggested workaround for this is to do one of the following:

(A): Implement your redirection using a <META> tag and/or a javascript command.

(B): Pass your cookie value as a GET value and have your receiving page "reinforce" the cookie when it catches it.  (i.e.:  setcookie("foo",$_GET['foo']); on a page which does not redirect.)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Apr 20 04:01:28 2024 UTC