Solution to the problem of cookies with the same name in different subdomains of PHP_PHP Tutorial

$_COOKIE is a very useful thing in php, but sometimes we encounter different subdomain names under the same domain name, so there will be a problem of only keeping one cookie. The editor will introduce it to you below. one time.

PHP’s superglobal variable $_COOKIE brings a lot of convenience, but can also cause confusion in some cases. For example, there are cookies with the same name in the root domain and subdomains, and only one can be saved in $_COOKIE. Which one should it be?

RFC recommends using the one with the longest length, which has the highest accuracy, but different browsers handle it differently. I only tested Chrome. In Chrome, cookies with the same name in the root domain and subdomains are sent out. In this way, PHP only receives the cookies with the same name in the front, and the later ones are ignored. This makes it easy to receive wrong values. Safari is said to have followed the RFC's recommendations and has not been tested personally, nor by other browsers.

First, set the virtual domain name through SwitchHosts: www.bKjia.c0m, and configure the Web server. Of course, you can also manually set the Hosts file. My intention is to introduce a few more tools.

Then write a PHP script to set cookies, first set the subdomain, and then set the root domain:

The code is as follows

Copy code

代码如下	复制代码
setcookie("bar", "www", time() + 10, "/", "www.bKjia.c0m"); setcookie("bar", "foo", time() + 10, "/", ".bKjia.c0m"); ?>

setcookie("bar", "www", time() + 10, "/", "www.bKjia.c0m");

setcookie("bar", "foo", time() + 10, "/", ".bKjia.c0m");

代码如下	复制代码
var_dump($_COOKIE); ?>

?>

Write the script to browse cookies:

The code is as follows	Copy code
var_dump($_COOKIE); ?>

BTW: When I first wrote the script, I actually used var_dump before setcookie, that is, there was output before sending the request header. It is really a sin to make such a beginner mistake, but what is even more surprising is that the script did not The error was reported, and after checking for a long time, it turned out that it was because the default output_buffering = 4096 in php.ini.

代码如下	复制代码
setcookie("bar", "foo", time() + 10, "/", ".bKjia.c0m"); setcookie("bar", "www", time() + 10, "/", "www.bKjia.c0m"); ?>

Set it first and then browse, and you can see the results. The results show that the cookies under the subdomain are valid.

Reopen a browser window and use WebDeveloper to delete cookies, or delete them manually to avoid affecting the results.

Then change the order of calling setcookie twice, that is, set the root domain first, and then set the subdomain:

The code is as follows	Copy code
setcookie("bar", "foo", time() + 10, "/", ".bKjia.c0m"); setcookie("bar", "www", time() + 10, "/", "www.bKjia.c0m"); ?>

代码如下	复制代码
if (isset($_SERVER['HTTP_COOKIE'])) var_dump($_SERVER['HTTP_COOKIE']);

Set first and then browse to see the results. The results show that the cookies in the root domain are valid. Repeat the test process twice and use Firebug to record the difference in request headers: For the first time, set the subdomain first, and then set the root domain: the value of the request header Cookie is bar=www;bar=foo, and the effective result is bar=www The second time, set the root domain first, and then set the subdomain: the value of the request header Cookie is bar=foo;bar=www, and the valid result is bar=foo In other words, for server-side PHP, for cookies with the same name, whichever cookie comes first among the request header cookies will take effect, and the later ones will be ignored. If you are not using Firefox, you cannot use Firebug. At this time, you can use PHP code to detect the Cookie header:

The code is as follows	Copy code
if (isset($_SERVER['HTTP_COOKIE'])) var_dump($_SERVER['HTTP_COOKIE']);

The above experimental conclusions are based on Firefox. Since different browsers may have different strategies for sending cookies, the results may be different on other browsers. For example, under Safari, the subdomain is always valid. , other browsers such as Opera, Chrome, etc. have not been carefully tested. In view of this confusing conclusion, it is better not to use cookies with the same name in subdomains and root domains!

Conclusion: It is currently very unwise to use cookies with the same name in root domains and subdomains

http://www.bkjia.com/PHPjc/633196.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/633196.htmlTechArticle$_COOKIE is a very useful thing in php, but sometimes we encounter different subscripts under the same domain name The domain name is the same, so there will be a problem that only one cookie can be retained. The following editor will give...

Statement：

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Previous article：The Chinese file name of the file uploaded by php is garbled_PHP tutorialNext article：The Chinese file name of the file uploaded by php is garbled_PHP tutorial

Related articles

See more

• How to use cURL to implement Get and Post requests in PHP
• How to use cURL to implement Get and Post requests in PHP
• How to use cURL to implement Get and Post requests in PHP
• How to use cURL to implement Get and Post requests in PHP
• All expression symbols in regular expressions (summary)

Public welfare online PHP training，Help PHP learners grow quickly！

About usDisclaimerSitemap

© php.cn All rights reserved