cookie problem

[travisb]

I have a problem with cookies not being set on my site. They only set when you visit www.mysite.com, not mysite.com. Also, I have another address parked on our server, myothersite.com. The cookies are not being set for www.myothersite.com or myothersite.com. Here is what I have in my configuration. How can I get it so all 4 address will work?

 

  define('HTTP_COOKIE_DOMAIN', 'www.mysite.com');

 define('HTTPS_COOKIE_DOMAIN', 'www.mysite.com');

 define('HTTP_COOKIE_PATH', '/');

 define('HTTPS_COOKIE_PATH', '/');

 

[/code]

[travisb]

Any ideas for just www.mysite.com or mysite.com?

[travisb]

Anyone know how to solve this problem?

[Guest]

Pure guess, but I wonder if you change

 

define('HTTP_COOKIE_DOMAIN', 'www.mysite.com');

define('HTTPS_COOKIE_DOMAIN', 'www.mysite.com');

 

to

 

define('HTTP_COOKIE_DOMAIN', 'mysite.com');

define('HTTPS_COOKIE_DOMAIN', 'mysite.com');

 

Would it work? Probaby wouldn't hurt to try.

[Harald Ponce de Leon]

It is against the cookie specification to accept and access cross site cookies (ie, mysite.com -> myothersite.com).

 

If both sites access the same files, you would have to add some logic in application_top.php to detect from which address the customer is connecting to, and to set the cookie domain appropriately.

[travisb]

Thanks, I will take a look at the application_top. What is the correct way to have the address listed in the config file?

define('HTTP_COOKIE_DOMAIN', 'www.mysite.com');

or

define('HTTP_COOKIE_DOMAIN', 'mysite.com');

or

define('HTTP_COOKIE_DOMAIN', 'http://www.mysite.com');

[Harald Ponce de Leon]

Having www.mysite.com as the domain will only allow the browser to read/write cookies for the www.mysite.com server.

 

Having .mysite.com (the cookie specification requires atleast 2 dots) will allow the browser to read/write cookies for the mysite.com server, and any subdomains available (ie, forums.mysite.com).

 

The http://www.mysite.com setting is invalid :)

[travisb]

I have not had time to work on the cookie problem for a while because of some other areas that needed working. However, I discovered that having mulitple domains parked on the server does not require making any changes to the configuration file of application top. In my configuration file I have

  define('HTTP_SERVER', 'http://www.mysite.com'); 
 define('HTTPS_SERVER', 'https://www.mysite.com'); 
 define('ENABLE_SSL', true); 
 define('HTTP_COOKIE_DOMAIN', '.mysite.com');
 define('HTTPS_COOKIE_DOMAIN', '.mysite.com');

First I had to fix my cookies with .mysite.com . Now when I visited myothersite.com (which is parked on the same server) I get an index.php page which looks like the same one I get from mysite.com. Except the links on myothersite.com/index.php point to the domain name mysite.com because that is what is defined in the configuration file. This is fine for me because I all really wanted to do was have 2 domains and 1 site.

[travisb]

I did discover a problem with the solution in my last post. Whenever a user went to myothersite.com, all the links pointed to mysite.com. But there were no cookies set for myothersite.com so they would lose their cart if the came back to myothersite.com . Here is a solution I came up with for the configuration.php file.

$domain = $_SERVER[HTTP_HOST];
$HTTP_SERVER = "http://" . $domain;
$HTTPS_SERVER = "https://" . $domain;
$HTTP_COOKIE_DOMAIN = str_replace("www","",$domain);
$HTTPS_COOKIE_DOMAIN = $HTTP_COOKIE_DOMAIN;

// Define the webserver and path parameters
// * DIR_FS_* = Filesystem directories (local/physical)
// * DIR_WS_* = Webserver directories (virtual/URL)
 define('HTTP_SERVER', $HTTP_SERVER); 
 define('HTTPS_SERVER', $HTTPS_SERVER);
 define('ENABLE_SSL', true); 
 define('HTTP_COOKIE_DOMAIN', $HTTP_COOKIE_DOMAIN);
 define('HTTPS_COOKIE_DOMAIN', $HTTPS_COOKIE_DOMAIN);

 

I had to use HTTP_HOST instead of SERVER_NAME because the SERVER_NAME is mysite.com and myothersite.com is just parked there. This code seems to work fine and keeps the user on myothersite.com instead of transferring them to mysite.com .