Skip to content
Advertisement

Why cookies are added rather than changed?

I am developing a site where each user should have their own id. When I went into the console, I saw that the id was duplicated instead of being one. Is this normal and should it be?

if (isset($_COOKIE['SESSION']) && (strlen($_COOKIE['SESSION']) === 32)) {
    $uid = $_COOKIE['SESSION'];
} else {
    $uid = openssl_random_pseudo_bytes(16);
    $uid = bin2hex($uid);
}
setcookie("SESSION", $uid, time()+(60*60*24*30));
$uid=$_COOKIE['SESSION'];

enter image description here

Advertisement

Answer

Cookies, by default, use the path of the page that they are set for.

You should explicitly set the path to / using the 4th argument to setcookie.


Aside: PHP has built-in session handling. You probably shouldn’t be reinventing the wheel.

User contributions licensed under: CC BY-SA
1 People found this is helpful
Advertisement