How to set (or read) a 3rd party cookie?

JdS · #1 16-Sep-2003, 06:24

How does one actually set (or read) a third party cookie?

Here's the plan... for my current project(s), I plan to manage the user logins and the user database off one central domain / database e.g. http://www.example-centre.com/

In the long term, anyone who is already a member will have automatic access to any new website(s) in my 'network-of-sites'.

The user login system is using encrypted cookies but I don't know how to go about reading the cookie off other domains, if any.

I have an idea but I think it's a bit long-winded, so I am eager to hear from anyone with a simpler suggestion. Preferably, non-javascript solutions only.

Allowee · #2 16-Sep-2003, 06:57

Setting a cookie in PHP will you allow you to give it a domain name...

PHP Code:


setcookie('name', 'value', time() + 1000, '/', '.domain.com');

which will work on *.domain.com (I'm not 100% sure if it works when you set it to another domain then the current)

but you are not allowed to read cookies from other domains then the current domain.

the browser just won't allow it.

if it did allowed it...
I could read ALL your cookies, including unencrypted passwords!, that are on your computer.....

not a good idea

(btw, I guess you know all of this already..)

JdS · #3 16-Sep-2003, 07:56

Appreciate the comments Allowee but you seem to have forgotten the very important point that I own all these 3rd party domains in this context.

In other words, I can, potentially, re-direct the user to the 'central' site to process the login, re-direct back to the entry domain and set the cookie, etc.

I am looking for ideas like these, meaning I have full control of these '3rd party' domains.

I am not interested nor am I attempting to read 3rd party cookies off microsoft.com for example.

Allowee · #4 16-Sep-2003, 08:14

The thing you want is setting cookies for all your network sites, correct?

you can do that easy with PHP.

but managing cookies as a group for your network won't work.

I'm also not sure if you can edit a cookie from domain.com, setting it to change a server.com cookie.

I guess the best thing to do is just use that 1 domain for setting cookies, and read them on the other domains....

I've just checked that setting cookies to othewr domains works, not sure about editing

JdS · #5 16-Sep-2003, 08:35

Quote:

Originally posted by Allowee
I've just checked that setting cookies to othewr domains works, not sure about editing

Are you certain about this?

At the moment, I have not uploaded anything so I cannot check this myself... so I appreciate the test results.

What I could try is:

When a member logs in, the login data is processed by e.g. http://www.example-centre.com/login.php

Inside login.php, have something like this:

PHP Code:


<?php
setcookie('name', 'value', time() + 1000, '/', '.example-1.com');
setcookie('name', 'value', time() + 1000, '/', '.example-2.com');
setcookie('name', 'value', time() + 1000, '/', '.example-3.com');
setcookie('name', 'value', time() + 1000, '/', '.example-4.com');
?>

If this works, I think it will do for now, until I learn something new.

Allowee · #6 16-Sep-2003, 08:43

I'm sure that it works...

when you login at
http://www.evoex.com/

you will be loggedin on
http://www.evolutionbb.com/development/01b/
aswell.

you don't have to test it....
it worked for me with latest Konqueror on Debian

I guess trying with that site will give you the results on other browsers

JdS · #7 16-Sep-2003, 09:04

Do you know if that is how they do it too?

<correction>
I registered at evoex.com, logged in (my Internet Explorer cookie setting blocks 3rd party cookies), then visited evolutionbb.com, I was pleased to see that my username was listed as being online but I was NOT logged-in afterall!
</correction>

Anyway, thank you Allowee!

If anyone else reading this thread in the future has a better idea, feel free to add to this thread.

Allowee · #8 16-Sep-2003, 09:40

the problem with not being loggedin but appear in the online users is normal...

I had the same problem....

But you did see yourself in the online list, which means the cookie worked

JdS · #9 16-Sep-2003, 11:28

Yes, I am also excited that it worked. I realised that not being logged in was most likely a coding issue with the 2 sites mentioned above. Thank you again...

JdS · #10 29-Sep-2003, 04:01

Here's an update:

This idea doesn't work at all on Mozilla 1.2+ / Linux! I tried many settings in the browser preferences / settings and nothing worked.

The only cookie set was for the website/domain that set it. I even verified that it was not the fault of the PHP script (just to be ultra sure). The setcookie() function returned TRUE for every domain it had to set a cookie but the browser ignored setting em except for the 'calling site/domain'.

I wasted the whole weekend trying to figure it out but I failed. If I want to move forward, I have to put this on the back-burner for now or until someone can suggest something else in the meantime.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
LoveSan, Blaster & MSBlaster VIRUS warning - If using Windows please read	jrobbio	Computer Software Forum - Windows	8	15-Aug-2003 11:02
Guestbook	conkermaniac	MySQL / PHP Forum	4	25-Mar-2003 09:04
SEO's read this!	jrobbio	Search Engine Optimization Forum	3	02-Feb-2003 20:11
If you have problems using WINDOWS, read this...	JdS	Open Discussion Forum	3	04-Feb-2002 19:48