Checking if Cookies are Blocked

Ugh! I can’t believe I am coming over to the “Dark Side” and asking about JavaScript, but alas the day has come… :smirk:

Before I ask my question, let me say that a.) I don’t know JavaScript, b.) I don’t really care for it, and c.) I don’t have months and months to learn all of its theories and flavors and fundamentals.

And yet I do have an issue that might be able to be fixed with JavaScript.

So, with the above being said…

  1. How could I use JavaScript to check whether a user has blocked cookies to my website?

2.) How would I then use that to display a message telling the user that by blocking cookies they have in essence broken the website!


P.S. In fairness, I would like to learn JavaScript, but it’s not my first priority. But on this issue, it looks like I need to break down an use it.

blocked/exist… if blocked, suppose they don’t exist… a quick look on stackoverflow gets this, which should help?

if($.cookie('token') === null || $.cookie('token') === "" 
|| $.(cookie('token') === "null" || $.cookie('token') === undefined)
      //no cookie
     //have cookie

… and this will for sure help

I can already see this is going to be painful!

What is jQuery?

Do I have to install JavaScipt? I have no clue how to use JavaScript, and thought maybe I could just write a couple of lines of code and stick it into my PHP script.

Unless someone has a better idea, all I wanted to do is stick in some JavaScript in any PHP script that sets a cookie (e.g. Log In, Contact Us, etc) and if the user has blocked cookies for the given website, then display a webpage notifying the user they must enable cookies to use the website.

The problem I have now is that I use the $_SESSION variable to pass errors to an error-handling script, but if cookies are disabled then it kills the session and so I don’t have anything to pass to the error-handling page.

Why the resentment towards JavaScript. JavaScript is a vital component of the web development stack. Having an attitude of the technology being “below” you isn’t going to fair with well most people in this industry. In fact it will do nothing bring to light your lack of understanding in general. I think you’ve been talking to the wrong people whom have put the notion that JavaScript is “evil” in your head. I’m not implying it is something you need to learn this second but you should ditch the attitude immediately.


I see it as a nuisance like cleaning the garage. I would rather spend time learning MVC and OOP next and not get bogged down with JavaScript, but it seems that the way I programmed my PHP, I am painted into a corner. (See my other thread: Session Questions)

These days I feel like I can’t keep up with evolving technology, and so things like “Responsive Design” and JavaScript feel like a burden considering I don’t even know MVC and OOP. :frowning:

Well, it is my opinion, and I hope I am entitled to that. FWIW, most of what irritates me about modern websites is usually caused by JavaScript. You know, all of that popup, flyout, get in your way nonsense!

Anyways, it is just something I have been avoiding, but this may be one time where it is the only practical solution. sigh

JavaScript is as good a language as any for learning OOP.

But as far as JavaScript goes, how do I accomplish what I described above?

Can I just add in a few lines of code similar to how PHP and HTML work, or is there more to it than that?

And any comments on the code snippet above?

(When I researched this topic before posting here, I saw so many solutions online. Unfortunately they were either way over my head or seemed wrong.)

Checking if they have cookies is just one part of the solution.

I think that before you go ahead with any coding, that you need to figure out what you want to do from there.

Are you going to show them a message of some kind?
Are you going to allow them to remain with a warning that they may not be able to achieve the full experience without cookies?
Will you redirect them to somewhere else?

Do you want to learn more about guides and practices on dealing with this?

By the way - is there some reason why you aren’t using the PHP manner of setcookie and $_cookie to write/read them from PHP?

Hi Paul! :smile:

Well, my response is two parts: First, I need to fix things so my client’s website doesn’t blow up if a user blocks cookies. Second, I need to re-evaluate how my websites are set up. (See link to PHP thread above.)

For this current website, my immediate concern is if someone blocks cookies but then tries to use the “Contact Us” form.

What seems to make sense to me - but I’m open to suggestions - is having a “JavaScript sniffer” which looks for blocked cookies immediately when “contact-us.php” loads. If the user blocked cookies for the website, then a PHP error page would be displayed - via a redirect.

I guess I could add such a “sniffer” to all pages that need cookies enabled to work, but to be honest that is most of my client’s website, which means I need a different architecture. :confounded:

Of course, I always want to learn best practices! (But I’m still not quite ready to go buy a SitePoint book on JavaScript. :slight_smile: I just want to know enough to address this issue for now.)

No sure I understand what you are getting at.

I don’t use cookies other than the one that stores the$_SESSION cookie. Everything I need to store and/or pass between pages is either done using the database or sessions.

What I’m getting at, is if you don’t want to use JavaScript to check if cookies are supported by the client, you can instead use PHP to perform that check and take any appropriate action that you require.

The choice is up to you.

So you have a choice on how you configure that on the server. Either it gets added to the querystring on the end of the URL if cookies are not supported or it fails to work at all if cookies are not supported.

There is nothing to actually test for in JavaScript in that situation as the session cookie is looked after on the server end and is not made available for JavaScript to access.

Are you sure about that? My understanding of how the configuration I have is that a cookie with the user’s SessionID is stored on the user’s computer and that points to the actual SessionID and Session which are stored on the server.

I’m pretty sure the session cookie is stored on the client’s PC. And as I mentioned in another thread, appending the SessionID to the query string is a bad idea security wise.

So if a user blocked all cookies for “” then it would kills my dependence on sessions.

I looked at the PHP functions that Paul mentioned, but I don’t see how that relates to my problem. :confused:

Session cookies are stored IN THE BROWSER.

With cookies set on the server there is an option that can be set as to whether those cookies are to be shared with the web page or just passed to another server side script. There is no reason for the actual cookie identifying a $_SESSION to be available other than on the server as JavaScript would have no access to the actual session data stored in the session anyway as that never leaves the server. So the $_SESSION session cookie would only be available to server side scripts even though it is stored in the browser in between web page loads.

Which is what I was implying…

Not sure where you are going with this or how it relates to my OP. :confused:

Does this man, Felgall, that PHP session cookies remain working when the user has deliberately disabled cookies in their browser?

I don’t know. I suppose someone could try it and see. has instructions on how to make session cookies HTTPONLY

This thread has gotten off topic and I never got help on my OP.

Could someone please help me understand how I would use JavaScript to check if a user has blocked cookies for my website?

I am open to suggestions, but what seems like the best approach would be to check for blocked cookies on any page that a user lands on, and if cookies are indeed blocked, then redirect to a webpage that explains that blocking cookies adversely affects the website.

(I still wish I wasn’t so dependent on Sessions, but I haven’t gotten any good ideas in my PHP thread on how to reduce my dependency on Sessions.)