CodeIgniter Forums
using $_COOKIE directly is buggy - Printable Version




using $_COOKIE directly is buggy - El Forum - 10-18-2009

[eluser]tokyotech[/eluser]
Is it forbidden to use $_COOKIE directly? I recall reading that using $_GET was forbidden, but don't recall reading anything about $_COOKIE.

The problem I am having when using $_COOKIE directly is that it appears that only the controller that set the cookie can access the cookie later. Is it believing that each controller is a different domain, so for security reasons, it keeps the cookies sandboxed?

I have been reading in the CodeIgniter cookie helper that there is a $domain parameter. Supposedly, if I set this to some common constant I can solve my problem. I would like to get a second opinion on this before I start porting over my many lines of legacy code in vain.

Thanks.


using $_COOKIE directly is buggy - El Forum - 10-18-2009

[eluser]BrianDHall[/eluser]
Per http://ellislab.com/codeigniter/user-guide/general/security.html, _COOKIE data is left alone along with _POST, so you should be able to access it directly any way you like.

If you hadn't already seen it though, you might be interested in the cookie helper: http://ellislab.com/codeigniter/user-guide/helpers/cookie_helper.html

On your problem with seemingly per-controller cookies, I haven't heard of that problem - I must admit to not dealing with cookies much in CI, so I'm unable to intelligently comment as to what might be wrong or where to look.

The only thing I know of is to check your config.php, as down a bit there are cookie settings including one about domain. Supposedly it allowed setting something like ".yourwebsite.com" to allow cross-domain cookies, but my limited attempts at using it weren't satisfactory and I moved on to other issues.
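
An added example, not part of either post and not CodeIgniter code: the browser-side scoping rules from RFC 6265 (default-path, path-match, domain-match) that decide which requests carry a cookie, applied to CodeIgniter-style URLs. It assumes the legacy code calls PHP's setcookie() without a path argument, so the browser derives the path itself; the URL paths and host names are constructed.

```php
<?php
// RFC 6265 section 5.1.4: path a browser assigns when Set-Cookie has no Path attribute.
function default_path(string $requestPath): string
{
    if ($requestPath === '' || $requestPath[0] !== '/') {
        return '/';
    }
    $lastSlash = strrpos($requestPath, '/');
    return $lastSlash === 0 ? '/' : substr($requestPath, 0, $lastSlash);
}

// RFC 6265 section 5.1.4: is the request path inside the cookie's path scope?
function path_match(string $cookiePath, string $requestPath): bool
{
    if ($cookiePath === $requestPath) {
        return true;
    }
    if (strncmp($requestPath, $cookiePath, strlen($cookiePath)) !== 0) {
        return false;
    }
    // A prefix only counts when it ends on a path-segment boundary.
    return substr($cookiePath, -1) === '/' || $requestPath[strlen($cookiePath)] === '/';
}

// RFC 6265 section 5.1.3: a leading dot in the Domain attribute is ignored.
function domain_match(string $cookieDomain, string $host): bool
{
    $cookieDomain = strtolower(ltrim($cookieDomain, '.'));
    $host = strtolower($host);
    if ($cookieDomain === $host) {
        return true;
    }
    $suffix = '.' . $cookieDomain;
    return substr($host, -strlen($suffix)) === $suffix
        && filter_var($host, FILTER_VALIDATE_IP) === false;
}

// Constructed request: the cookie is set while serving the "cart" controller.
$derived = default_path('/index.php/cart/add');
$requests = ['/index.php/cart/view', '/index.php/checkout/pay'];
foreach ($requests as $path) {
    printf("%-26s derived path %-16s sent=%s | explicit path / sent=%s\n", $path, $derived,
        var_export(path_match($derived, $path), true), var_export(path_match('/', $path), true));
}
// Domain scope is a separate check from path scope (constructed host names).
foreach (['www.example.test', 'shop.example.test', 'badexample.test'] as $host) {
    printf("%-20s domain .example.test sent=%s\n", $host,
        var_export(domain_match('.example.test', $host), true));
}
```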