Changing session cookie via javascript?

Re: Changing session cookie via javascript?

On Tue, 03 Feb 2004 21:23:11 GMT, M Wells
<planetquirky@p lanetthoughtful .org> wrote:
[color=blue]
> When I reload the page, the value in the session cookie originally set
> by the PHP code has been retained, rather than changing to the new
> value set by the JavaScript.
>
> Can anyone give me any thoughts on why this session cookie is
> resisting the JavaScript change?[/color]

When you reload the page, wouldn't the Set-Cookie header be re-applied,
thereby resetting the cookie value?

Try checking the value immediately after setting the cookie with
JavaScript to see if it was altered in the first place.

Mike

--
Michael Winter
M.Winter@blueyo nder.co.invalid (replace ".invalid" with ".uk" to reply)

Re: Changing session cookie via javascript?

On Tue, 03 Feb 2004 21:44:16 GMT, Michael Winter
<M.Winter@bluey onder.co.invali d> wrote:
[color=blue]
>On Tue, 03 Feb 2004 21:23:11 GMT, M Wells
><planetquirky@ planetthoughtfu l.org> wrote:
>[color=green]
>> When I reload the page, the value in the session cookie originally set
>> by the PHP code has been retained, rather than changing to the new
>> value set by the JavaScript.
>>
>> Can anyone give me any thoughts on why this session cookie is
>> resisting the JavaScript change?[/color]
>
>When you reload the page, wouldn't the Set-Cookie header be re-applied,
>thereby resetting the cookie value?
>
>Try checking the value immediately after setting the cookie with
>JavaScript to see if it was altered in the first place.[/color]

Hmmm. It seems PHP and JavaScript may be saving their session
variables in different places on the server.

When I retrieve the list of session variables available to the PHP in
the page, I get a variable with the name I want with the value I want
changed and when I retrieve the list of session variables available to
the JavaScript in the page, I get the same variable name with the new
value.

I wonder if the PHP code is saving the session into the current
directory, while the JavaScript is saving the session into the root
directory of my site?

Thanks for your suggestion!

Much warmth,

Murray

Re: Changing session cookie via javascript?

M Wells wrote:
[color=blue]
> On Tue, 03 Feb 2004 21:44:16 GMT, Michael Winter
> <M.Winter@bluey onder.co.invali d> wrote:
>
>[color=green]
>>On Tue, 03 Feb 2004 21:23:11 GMT, M Wells
>><planetquirky @planetthoughtf ul.org> wrote:
>>
>>[color=darkred]
>>>When I reload the page, the value in the session cookie originally set
>>>by the PHP code has been retained, rather than changing to the new
>>>value set by the JavaScript.
>>>
>>>Can anyone give me any thoughts on why this session cookie is
>>>resisting the JavaScript change?[/color]
>>
>>When you reload the page, wouldn't the Set-Cookie header be re-applied,
>>thereby resetting the cookie value?
>>
>>Try checking the value immediately after setting the cookie with
>>JavaScript to see if it was altered in the first place.[/color]
>
>
> Hmmm. It seems PHP and JavaScript may be saving their session
> variables in different places on the server.
>
> When I retrieve the list of session variables available to the PHP in
> the page, I get a variable with the name I want with the value I want
> changed and when I retrieve the list of session variables available to
> the JavaScript in the page, I get the same variable name with the new
> value.
>
> I wonder if the PHP code is saving the session into the current
> directory, while the JavaScript is saving the session into the root
> directory of my site?
>
> Thanks for your suggestion!
>
> Much warmth,
>
> Murray[/color]

I think you are misunderstandin g cookies....

Putting PHP aside for a moment, let's talk about the way a web server
sends cookies, using HTTP. A web server sends a header, including the
content type, content length, and other things. One of those things can
be a cookie string... For example:

Set-cookie: myinfo=newvalue ; domain="yourdom ain.com"
Content-type: text/html
Content-length: 3344

<HTML>
-- rest of the HTML code

With that said, let's bring PHP back. In php, you set a session. It
tells the web server to run the Set-cookie header in the response...
which is why you need to do it at the top of the script, before you send
any content.

The cookie is never saved on the server.

So where is it saved? The browser gets the Set-cookie command, and the
cookie is saved some place (browser specific) on the user's machine. It
then reads the rest of the HTML code, and processes it.

** Enter your javascript **

At this point, your javascript can read document.cookie , and it will be
what the server set. If you change it, you WILL change the value saved
on your side... but if you reload the page, you will get the same HTTP
header, and it will be reset to the original value.

So, you may be asking... how does the server know the cookie value?
Well, it is pretty simple... When your browser makes a request to the
server, and a cookie exists for that domain, it will exist in the
request header:

GET /somepage.html HTTP/1.0
Cookie: <the cookie string>

Now, the server can tell PHP what the cookie is, and you can retrieve it
via PHP libraries.

So, in short, your cookie is only stored in one place... on the client's
machine. It is never stored on the server. The state is always
maintained on the client.

I hope this helps.
Brian