Unable to view cookie in the browser (codeigniter)

Question

I'm attempting to check out the contents of a cookie I'm setting using CodeIgniter. I am able to dump the contents of the cookie array correctly server-side, but unable to view them in the inspector in my browser (so client-side).

I am using CodeIgniter version 3, if that helps. This is the code where I set the cookie:

 if ($email === $admin_email && $password = $password) {

            echo 'credential match';

            $this->load->helper('cookie');

            if ($remember_me == '1') {                            

                $email    = $this->input->post('email');
                $password    = $this->input->post('password');
                $remember = $this->input->post('remember_me');

                $cookie1 = array(
                    'name' => 'email',
                    'value' => $email,
                    'expire' => '86400',
                    'domain' => base_url(),
                    'path' => '/admin/',
                    'prefix' => 'myprefix_',
                    'secure' => TRUE
                );

                $this->input->set_cookie($cookie1);
                echo "<pre>";


                var_dump($cookie1);
                echo"</pre>";
                echo 'Checked';
            }

        }
    return TRUE; // if credential matches
    } else {
        return False;
    }

Here's an image to clarify what I mean: cookie

As for the passwords: That's a completely different question to your first question. Try reading through sites like http://jeremykendall.net/2014/01/04/php-password-hashing-a-dead-simple-implementation/ or https://www.bentasker.co.uk/blog/security/201-why-you-should-be-asking-how-your-passwords-are-stored for an indication. — Erik S, Mar 25 '15 at 12:17
What output *are* you getting? The only reason I can think of that would cause it to not show your var_dump would be if it did not reach the inner if statement, so if $remember_me does not equal the *string* '1'. Is the top image your output or what you are trying to get? — Erik S, Mar 25 '15 at 14:10
Also, your $cookie1 array definition seems off. After the `'secure'=>TRUE` line, you close the array, but then you continue with it again. Is this a 1-on-1 copy from your codebase? Because if so, you should be getting syntax errors. — Erik S, Mar 25 '15 at 14:11
if remember_me = 1 i am setting cookies and i want to view cookie name and value in my browser i am not getting in either of the cases — Chaitanya K, Mar 25 '15 at 14:26
i want to view cookie name and value,in inspect element ->resources tab->cookies — Chaitanya K, Mar 25 '15 at 14:38
Ah, now I understand. That's not possible, as I'll try to explain in an answer. — Erik S, Mar 25 '15 at 15:08

Erik S · Answer 1 · 2015-03-25T15:44:00.317

1

The cookie you are setting is likely stored server-side. On the client side (so in your browser), you can see the reference your browser sends to the server, so it knows who you are (the session). The server then uses that to look up the cookies for your session so you can access it in your code. The values themselves are stored on the server: Not in the browser.

Therefore, the only way you can get the values of the cookies are by printing them from your server, in PHP (which is processed on the server).

If you would store the cookie using Javascript/Jquery, then it will typically be stored client-side, and thus show up in your inspector.

Edit: Looking better at your newest image, it seems you set a path in the cookie. Try removing that line, and see if it works then. If you set a path, then the cookie will only show up on pages with that path (so in this case localhost/admin/*). I'm not completely sure how CI handles cookies, but it might also not store it client-side because of the 'SECURE' entry, so you can try disabling that as well.

edited Mar 25 '15 at 15:44

answered Mar 25 '15 at 15:08

Erik S

1,939
1
18
44

i am using http://localhost:8080/ and when i try to pass domain name and its below attributes in that array , i fail to view cookie value and name in browser. Please once view the below image http://i.stack.imgur.com/4b8nT.png – Chaitanya K Mar 25 '15 at 15:27
It is possible you stored that value client-side (e.g. with Javascript) in a cookie. In that case, it would be stored there. – Erik S Mar 25 '15 at 15:28
i tried with these cases: domain -> http://localhost:8080/classified/ path -> / domain -> http://localhost:8080/classified/ path ->/admin/ path ->admin/ domain -> .localhost:8080/ domain -> .localhost/ domain -> '' and also with NULL , False , Even i removed path and tried, but its not working – Chaitanya K Mar 25 '15 at 17:10
Have you also tried removing the SECURE entry? What do you want to access the variables for on the clientside, anyway? – Erik S Mar 25 '15 at 17:24
yes i removed SECURE and tried , but no use. i need domain attribute value ,, but when i put domain or attributes below it , i can find my cookie name and value in browser – Chaitanya K Mar 25 '15 at 17:36

score 1 · Accepted Answer · answered Mar 26 '15 at 18:01

Solved ,marked 'secure' => FALSE

                // set cookie 
                  $cookie = array(
                    'name' => 'email',
                    'value' => $email,
                    'expire' => '86500',
                    'domain' => '.xyzsoftsolutions.com',
                    'path' => '/admin',
                    'prefix' => 'admin_',
                    'secure' => FALSE
                );

                $this->input->set_cookie($cookie);

Unable to view cookie in the browser (codeigniter)

2 Answers2