I am developing a site where each user should have their own id. When I went into the console, I saw that the id was duplicated instead of being one. Is this normal and should it be?
if (isset($_COOKIE['SESSION']) && (strlen($_COOKIE['SESSION']) === 32)) {
$uid = $_COOKIE['SESSION'];
} else {
$uid = openssl_random_pseudo_bytes(16);
$uid = bin2hex($uid);
}
setcookie("SESSION", $uid, time()+(60*60*24*30));
$uid=$_COOKIE['SESSION'];
Advertisement
Answer
Cookies, by default, use the path of the page that they are set for.
You should explicitly set the path to / using the 4th argument to setcookie.
Aside: PHP has built-in session handling. You probably shouldn’t be reinventing the wheel.