Changing session cookie via javascript?

[M Wells]

Hi All,

Just wondering how you go about changing the value of a session cookie
via javascript?

I have a PHP page that sets a session cookie when it first loads. I'd
like to be able to change the value of that session cookie in response
to a button click in a form, without resubmitting the page.

For some reason, the following doesn't seem to work:

document.cookie = 'myinfo=newvalue';

When I reload the page, the value in the session cookie originally set
by the PHP code has been retained, rather than changing to the new
value set by the JavaScript.

Can anyone give me any thoughts on why this session cookie is
resisting the JavaScript change?

Many thanks,

Murray

 

[Michael Winter]

When I reload the page, the value in the session cookie originally set
by the PHP code has been retained, rather than changing to the new
value set by the JavaScript.

Can anyone give me any thoughts on why this session cookie is
resisting the JavaScript change?

When you reload the page, wouldn't the Set-Cookie header be re-applied,
thereby resetting the cookie value?

Try checking the value immediately after setting the cookie with
JavaScript to see if it was altered in the first place.

Mike

 

[M Wells]

When you reload the page, wouldn't the Set-Cookie header be re-applied,
thereby resetting the cookie value?

Try checking the value immediately after setting the cookie with
JavaScript to see if it was altered in the first place.

Hmmm. It seems PHP and JavaScript may be saving their session
variables in different places on the server.

When I retrieve the list of session variables available to the PHP in
the page, I get a variable with the name I want with the value I want
changed and when I retrieve the list of session variables available to
the JavaScript in the page, I get the same variable name with the new
value.

I wonder if the PHP code is saving the session into the current
directory, while the JavaScript is saving the session into the root
directory of my site?

Thanks for your suggestion!

Much warmth,

Murray

 

[Brian Genisio]

Hmmm. It seems PHP and JavaScript may be saving their session
variables in different places on the server.

When I retrieve the list of session variables available to the PHP in
the page, I get a variable with the name I want with the value I want
changed and when I retrieve the list of session variables available to
the JavaScript in the page, I get the same variable name with the new
value.

I wonder if the PHP code is saving the session into the current
directory, while the JavaScript is saving the session into the root
directory of my site?

Thanks for your suggestion!

Much warmth,

Murray

I think you are misunderstanding cookies....

Putting PHP aside for a moment, let's talk about the way a web server
sends cookies, using HTTP. A web server sends a header, including the
content type, content length, and other things. One of those things can
be a cookie string... For example:

Set-cookie: myinfo=newvalue; domain="yourdomain.com"
Content-type: text/html
Content-length: 3344

<HTML>
-- rest of the HTML code

With that said, let's bring PHP back. In php, you set a session. It
tells the web server to run the Set-cookie header in the response...
which is why you need to do it at the top of the script, before you send
any content.

The cookie is never saved on the server.

So where is it saved? The browser gets the Set-cookie command, and the
cookie is saved some place (browser specific) on the user's machine. It
then reads the rest of the HTML code, and processes it.

** Enter your javascript **

At this point, your javascript can read document.cookie, and it will be
what the server set. If you change it, you WILL change the value saved
on your side... but if you reload the page, you will get the same HTTP
header, and it will be reset to the original value.

So, you may be asking... how does the server know the cookie value?
Well, it is pretty simple... When your browser makes a request to the
server, and a cookie exists for that domain, it will exist in the
request header:

GET /somepage.html HTTP/1.0
Cookie: <the cookie string>

Now, the server can tell PHP what the cookie is, and you can retrieve it
via PHP libraries.

So, in short, your cookie is only stored in one place... on the client's
machine. It is never stored on the server. The state is always
maintained on the client.

I hope this helps.
Brian