PHP Cook-ies Max-Age WRONG!?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • mryellow
    Confirmed User
    • May 2001
    • 934

    #1

    PHP Cook-ies Max-Age WRONG!?

    PHP's setcookie function seems to be wrong....

    It used to be that you'd set cookies based on a GMT general date
    format. However this wasn't affective as there is no way you can
    set a client to expire based on the server time as there is little
    chance of them being the same.

    So the standard was changed to "Max-Age" being "Seconds till
    expire". However the PHP manual states that it's "Seconds since
    Epoch (1/1/1970)". Which still creates the client/server conflict in
    time settings.

    Is the PHP manual wrong?
    or
    Is PHP wrong?
    or
    Is does it work as it should?
    Meaning you just set the number of seconds to expiry.

    -Ben
    Cyberwurx Hosting
    After trying 5 different hosts, I found the best.
    Since 1997 I've had 2 hours of downtime.
    Fast support, great techs, no hype, no gimmicks.

    <- I in no way endorse whatever just got stuck on the left of my post.
  • Intrigue
    Confirmed User
    • Feb 2004
    • 662

    #2
    try time()+$secs

    Comment

    • mryellow
      Confirmed User
      • May 2001
      • 934

      #3
      From what I can figure out the PHP manual is flat-out wrong.

      There are a crapload of people coming up with all kinds of stupid
      methods to work around the "problem" when the only real
      problem is the manual is wrong.

      -Ben
      Cyberwurx Hosting
      After trying 5 different hosts, I found the best.
      Since 1997 I've had 2 hours of downtime.
      Fast support, great techs, no hype, no gimmicks.

      <- I in no way endorse whatever just got stuck on the left of my post.

      Comment

      • mryellow
        Confirmed User
        • May 2001
        • 934

        #4
        try time()+$secs is wrong.

        time() is on the server. The cookie is expiring on the client.

        How can you set the expiry based on Epoch if the server and
        client time are not exactly the same.... You can't... Thus they
        changed the specifications and instead of using "Expires" (GMT
        general date) they now use "Max-Age" (seconds TILL EXPIRY)....
        Whereas the manual states it is "seconds since Epoch" which is
        wrong.

        There are crap-loads of ppl writting all sorts of stupid functions to
        properly handle this when the only real problem is the manual
        has false information.

        It seems this false information is so well spread that netscape
        even accounts for it and will use either the correct or incorrect
        method for expiry time by checking the server time against that of
        the client. However I believe this is the only browser which does
        such. Man there must be a LOT of people out there with incorrect
        cookie code.

        -Ben
        Cyberwurx Hosting
        After trying 5 different hosts, I found the best.
        Since 1997 I've had 2 hours of downtime.
        Fast support, great techs, no hype, no gimmicks.

        <- I in no way endorse whatever just got stuck on the left of my post.

        Comment

        • Intrigue
          Confirmed User
          • Feb 2004
          • 662

          #5
          has always worked fine for me...

          Comment

          • mryellow
            Confirmed User
            • May 2001
            • 934

            #6
            If you're setting a time well in the future you will not notice.

            -Ben
            Cyberwurx Hosting
            After trying 5 different hosts, I found the best.
            Since 1997 I've had 2 hours of downtime.
            Fast support, great techs, no hype, no gimmicks.

            <- I in no way endorse whatever just got stuck on the left of my post.

            Comment

            Working...