session_set_cookie_params on localhost

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I want to test locally and can't get past my cookie protection, is this  
right? It doesn't seem to work ...

if ($_SERVER['REMOTE_ADDR']=="") {
 session_set_cookie_params(7200, '/', '.localhost');
} else {
 session_set_cookie_params(7200, '/', '');


Re: session_set_cookie_params on localhost

Quoted text here. Click to load it

Some versions of IE insist (for some security levels) that you have
a P3P privacy policy defined on your server for cookies to work.
Google "p3p privacy policy" and you might want to choose a Microsoft
site that discusses this.

                        Gordon L. Burditt

Re: session_set_cookie_params on localhost

Quoted text here. Click to load it

Thanks Gordon, will look at this as it's something that I haven't really  
considered. However, I am currently developing the area where the cookies  
are being used. My issue is that I am unable to test locally as a cookie  
isn't being set (I'm using firefox), however it works fine on the remote  
server (i.e. I wasted a couple of hours yesterday mucking  
about, beacuse I thought there was a problem with the MySQL server .. and it  
was the cookie that was at fault.

Will my hack above allow me to test locally (no, is my current answer to  
that), or is there another way of testing on localhost I haven't considered?


Re: session_set_cookie_params on localhost

elyob wrote:
Quoted text here. Click to load it

jordi at jcanals dot net
15-Nov-2004 02:39
Something that has taken me some time to debug: session_set_cookie_params()
does not work when the domain param is just a one level domain, like it was
a TLD.

I have a site in an intranet and our internal domain is .local, so trying to
set the cookie session to the .local domain does not work:

session_set_cookie_params(0, '/', '.local'); // Does not work

In all test I've done, setting the domain only works for SLDs and above:

session_set_cookie_params(0 , '/', '.sld.local'); Does work

This is nothing to do with PHP but the http protocol, witch does not permit
setting cookies for TLDs for obvious security reasons.

What if you just use session_set_cookie_params(7200, '/');
Or does this break the rest of the script/gets caught in your

Rik Wasmus

Site Timeline