where is my cookie? 1

[bardley]

Hi.
We are investigating sessions using Apache/PHP, and we have used session_start() and session_register("some_var&quot to create session variables. As we understand this, cookies are involved.
Question: How are the cookies named, and where can I find this cookie on my computer if I have visited these pages?

It sounds kinda elementary, but we'd like to see what is stored in the cookie (if it's just a session id or actual variable values) and we are unable to find where (or if) a cookie is being deposited.

Thanks Brad Gunsalus
Cymtec Systems, Inc.
bgunsalus@cymtec.com

 

[vcherubini]

Actually, the cookies are not stored on your computer, but rather, the servers.

The cookie name is encrypted with the md5 algorithm, and then the information is put in the file.

The information stored in the cookie is an id, and the session variables and values.

Hope this helps.

-Vic vic cherubini
krs-one@cnunited.com

http://www.cnunited.com

====
Knows: Perl, HTML, JavScript, C/C++, PHP, Flash
====

 

[rycamor]

Well, the question of cookies depends on your session configuration. It's possible to run sessions completely without client-side cookies, but then you have to push the session ID number on the URL.

The most common (default) sessions configuration is to use cookies. This doesn't mean the actual *data* gets stored on the user's cookie; just a unique ID, so it's a minimal cookie. The actual session variables (or arrays) get serialized and placed in text files (named after the unique ID), and are usually stored in /tmp.

You can actually think of these types of sessions as a combination client-side/server-side cookie. The client side only needs an identifier; the session ID. The server side then can call that cookie value to match up to the session variables stored in /tmp.

The client-side cookie value looks like PHPSESSID=23408975203485720348523a4

(or some long combination of numbers and letter)

 

[Guest_imported]

The cookie only holds the session id (on linux if you are using netscape this is in .netscape/cookies.txt). The actual cookie values and data are stored on the server side in the /tmp dir under a file that has the same name as the session id.

-richie

 

[1jochem]

is the client-side cookie read from the PHP code or using javscript on the client-side and passed back to the server via the ? part of the url?

-

sorry if this is a stupid Q!

rgds,

Jochem

 

[rycamor]

The client side cookie is passed to the server in the header, as the browser makes its request to the server. Javascript can also access the cookie, but that is for client-side operations.

For server-side operations, you can just call the $HTTP_COOKIE_VARS array, and look for any cookies specific to your server's domain. You don't have access to cookies from any other domain. You also don't have access to cookies that we set from a browser using your IP address, if later they come back using the domain name.

Make a PHP script that sets some cookies, and then runs the phpinfo() function underneath. After you refresh the page, you will see your cookie variables in the PHP Variables section.