The problem I have now is that I use the $_SESSION variable to pass errors to an error-handling script, but if cookies are disabled then it kills the session and so I don’t have anything to pass to the error-handling page.
Anyways, it is just something I have been avoiding, but this may be one time where it is the only practical solution. sigh
Checking if they have cookies is just one part of the solution.
I think that before you go ahead with any coding, that you need to figure out what you want to do from there.
Are you going to show them a message of some kind?
Are you going to allow them to remain with a warning that they may not be able to achieve the full experience without cookies?
Will you redirect them to somewhere else?
Do you want to learn more about guides and practices on dealing with this?
Well, my response is two parts: First, I need to fix things so my client’s website doesn’t blow up if a user blocks cookies. Second, I need to re-evaluate how my websites are set up. (See link to PHP thread above.)
For this current website, my immediate concern is if someone blocks cookies but then tries to use the “Contact Us” form.
I guess I could add such a “sniffer” to all pages that need cookies enabled to work, but to be honest that is most of my client’s website, which means I need a different architecture.
So you have a choice on how you configure that on the server. Either it gets added to the querystring on the end of the URL if cookies are not supported or it fails to work at all if cookies are not supported.
Are you sure about that? My understanding of how the configuration I have is that a cookie with the user’s SessionID is stored on the user’s computer and that points to the actual SessionID and Session which are stored on the server.
I’m pretty sure the session cookie is stored on the client’s PC. And as I mentioned in another thread, appending the SessionID to the query string is a bad idea security wise.
So if a user blocked all cookies for “www.mysite.com” then it would kills my dependence on sessions.
I looked at the PHP functions that Paul mentioned, but I don’t see how that relates to my problem.
This thread has gotten off topic and I never got help on my OP.
I am open to suggestions, but what seems like the best approach would be to check for blocked cookies on any page that a user lands on, and if cookies are indeed blocked, then redirect to a webpage that explains that blocking cookies adversely affects the website.
(I still wish I wasn’t so dependent on Sessions, but I haven’t gotten any good ideas in my PHP thread on how to reduce my dependency on Sessions.)