Using HTTP Cookies
Author: Viktor Pavlu
Cookies are sent (set) and received (read) via HTTP headers. The general form of a HTTP header is "bla: value<CR>". An empty line (one that only consists of the carriage return (<CR>) character denotes the end of the headers - after that, the actual content of the page follows.
This is an example of a minimal cgi script. It prints a content-type header (which is mandatory) and then adds the blank line to end the headers and then prints the content of the page which will then be interpreted by the client application (browser) according to the content type.
So back to the Cookies now. Setting a Cookie is done with a "Set-Cookie: <key>=<value>;expires=<exp-date>" HTTP header. The expiration date is optional and gives the date on which the cookie expires. Cookies without expiration dates don't expire.
Reading a Cookie's value is also done via HTTP headers, but this time an incoming header has to be parsed by us. Somewhere in "system/options/cgi/other-headers" there is an entry named "HTTP_COOKIE". This header is what we are searching for and now have to parse.
In the "tokens" word we now have the key-value pairs we put on the client in the first place with "Set-Cookie". The expiration date is not sent back to the server, instead cookies that already have expired will not be sent at all.
So to get the value of our cookie "name", we would write something like:
I have also written two short functions, that you can use in your scripts:
But notice that as cookies are set via HTTP headers, the set-cookie function will only work if it is called before the end of the HTTP headers - otherwise its output will be interpreted as normal text.
and reading cookies: