php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48243 Cookie not set after setting cookie in .htaccess
Submitted: 2009-05-12 07:50 UTC Modified: 2009-05-14 09:03 UTC
From: stephan dot schulze at kapthon dot com Assigned:
Status: Not a bug Package: HTTP related
PHP Version: 5.2.9 OS: Centos 5.3
Private report: No CVE-ID: None
 [2009-05-12 07:50 UTC] stephan dot schulze at kapthon dot com
Description:
------------
setcookie does not set a cookie when a cookie is set in .htaccess file first

I do not know whether this is a bug or expected behaviour

Reproduce code:
---------------
.htaccess Code
==============
<FilesMatch "\.(html|htm|xml|txt|php)$">
SetEnvIf Cookie "^.*testcookie.*$" cookie_set=1
Header set Set-Cookie: "testcookie=1; path=/;" env=!cookie_set
</FilesMatch>

Cookie is set here

PHP-Code
========
setcookie('testphp', 'test_' . time());

in index.php => cookie is not set

Expected result:
----------------
"testcookie" AND "testphp"-Cookie should be set

Actual result:
--------------
Only "testcookie" is set,any calls to setcookie does not set any cookie at all

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-05-13 00:56 UTC] jani@php.net
I would guess you need to match all the parameters used to be able to 
reset a cookie. But you're better of using header() with the replace 
parameter set to true.
 [2009-05-13 06:27 UTC] stephan dot schulze at kapthon dot com
I do not want to reset a cookie but to set another second or third cookie.
PHP even doesn't set a session cookie, when a cookie is set via htaccess before.

So the problem is:
after setting a cookie via htaccess, PHP doesn't set any other cookies anymore

I do not know whether this is really a bogus bug.
 [2009-05-14 09:03 UTC] stephan dot schulze at kapthon dot com
Problem is solved!

1. First PHP is setting a header with the name "Set-Cookie"
2. And then Apache's mod_header is working.

Header set Set-Cookie: "testcookie=1; path=/;" env=!cookie_set

"Header set" is replacing all headers with the same name (e.g. "Set-Cookie")
 whith this new one. Thus the header "Set-Cookie", which is set from PHP,
does not exists after this directive.

You must use "Header add" in ".htacess", to add an additional Set-Cookie
header to the current set of headers.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 16:01:29 2024 UTC