test for session and persistent cookies

jarboy

Hi,

If a browser makes one request for a page I want to test if the client:
1. is accepting session cookies
2. is accepting persistent cookies

I can't seem to work out how to do it in less than 3 calls to the server:

1st call is by the browser
2nd call is a redirect with the session kept open to check for a session cookie.
3rd call is a redirect after the session has been closed to check if persistent cookies are allowed by the client

Am I being a bit ignorant on this? Any help would be gratefully received.

Bloodwine

I may be wrong in my approach, as my only tests thus far have been run in Firefox with the developer toolbar that allows me to disable cookies ... I haven't tested in any other browers.

I ran into a problem where search bots are running up my hit counter because they don't handle sessions and are tracked/recorded each and every page view.

My solution was to do this:

session_name("SessionFor".md5("My Site Name"));

session_start();

global $flag_has_session;
if (isset($_COOKIE) && is_array($_COOKIE) &&
    isset($_COOKIE["Session4".md5("My Site Name")])) {
   $flag_has_session = true;
}
else {
   $flag_has_session = false;
}

I then test that variable throughout various parts of the script such as traffic logging functions. My next step is to count the search bots (and users with cookies disabled) once and only once based on some sort of educated guess based on: Lack of Cookies + User Agent + IP

Sure there will be some people that will still "break" the system, such as cookieless AOL'ers (whose IP changes every request), but that is better than not knowing when and which search bots are crawling my site. Anyways, I digress...

In Firefox (with cookies disabled) the $COOKIE[] array was set, but empty. With cookies enabled, $COOKIE["SessionFor".md5("My Site Name")] was set.

There may be a more elegant solution.

I'm not sure about checking for persistent cookies, though.