Help reading cookies

htmanning has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks,

I'm writing a little script to read a phpbb cookie from pages outside the forum. If the person is logged in, I print one thing, if they're not logged in I print another.

This worked when I only ran it on one site, but now it's getting confused. I have several domains running the same kind of forums, and I'm running this script on each domain. All of a sudden the script doesn't know whether it's logged in or not. It's as if it is reading a cookie from another domain. Is that possible? Shouldn't this code tell it to read the cookie on the domain it's called from?

    local(@getcookies) = split (/; /,$ENV{'HTTP_COOKIE'});
    local(%cookies);
    foreach(@getcookies){
        ($ckey, $cval) = split (/=/,$_);
        $cookies{$ckey} = $cval;
    }
$user_logged = $cookies{'phpbb2mysql_data'};
$user_sid = $cookies{'phpbb2mysql_sid'};

if ($user_logged !~ /autologinid/) {
print <<HTML;
<a NOCOLOR NOUNDERLINE id="top3" href="/forums/login.php?" target=_top
+><SPAN STYLE="COLOR: #0033cc">Log in</span></a> &nbsp;
HTML
} else {
print <<HTML;
<SPAN STYLE="COLOR: #0033cc" id="top3" >Welcome back! | <a NOCOLOR NOU
+NDERLINE id="top3" href="/forums/login.php?logout=true&sid=$user_sid"
+ target=_top>Log out</a></span> &nbsp;
HTML
}
[download]

Comment on Help reading cookies Download Code

Replies are listed 'Best First'.
Re: Help reading cookies by eye (Chaplain) on Nov 23, 2008 at 08:15 UTC
Shouldn't this code tell it to read the cookie on the domain it's called from? No. Regardless of whether you code your own solution or use a module, your script has no control over this. Cookies persist on the client side (browser) and are returned to the server with each request. How the browser is configured may modify the expected behavior, but it would be unusual for a browser to return a cookie to any but its originating domain (at least it should be).	[reply]
Re^2: Help reading cookies by htmanning (Friar) on Nov 23, 2008 at 08:49 UTC
Can I read a cookie from another domain? Here's the deal. My script resides at www.mymaindomain.com, but it gets called from www.myfirstdomain.com, or myseconddomain.com. Each domain hosts an install of phpbb so if someone is at myfirstdomain.com, and they click to post a comment, it goes to my script at www.mymaindomain.com. That's why when my cookie routine looks for the cookie, it's actually looking at mymaindoman.com instead of mymaindomain.com. Make sense? Is there any way for me to tell the script which domain to look at? Like the one that makes the call? Thanks.	[reply]
Re^3: Help reading cookies by skx (Parson) on Nov 23, 2008 at 15:05 UTC
Is there any way for me to tell the script which domain to look at? Like the one that makes the call? No. If it is the "wrong" domain then the script won't even receive the cookie. The client's browser won't send it. This is out of your control. Steve --	[reply]
Re^4: Help reading cookies by htmanning (Friar) on Nov 23, 2008 at 21:14 UTC
Re: Help reading cookies by fmerges (Chaplain) on Nov 23, 2008 at 13:52 UTC
Hi, One way is to have domain wide cookies, so that the cookie is set for domain.com and your servers are like main.domain.com, first.domain.com, etc. Another technique is Cross Domain Cookies I would also recommend you to take a look at OpenID Regards, fmerges at irc.freenode.net	[reply]
Re: Help reading cookies by Anonymous Monk on Nov 23, 2008 at 07:54 UTC
use CGI or die;	[reply]


"be consistent"
	PerlMonks