Obligatory "I'm new at this".
I'm having an issue where a cookie doesn't seem to be persisting after captive portal login. I have a captive portal set up where it lands on our web server, stores mac and a unique ID on 2 cookies, redirects them elsewhere for authentication, and then they come back to our webserver where we look up that uid and return a unique code. Testing this on a windows computer it works fine, however on an android phone it doesn't. It seems that on an android phone I can see that the cookie is set, on that default browser you get with wifi hotspots, because I have made that page echo the value. But then when I manually enter in the url in the chrome browser it shows me that the cookie is no longer set to any value. Tested this on 2 android phones and my windows laptop (which again works fine). Any ideas on this?
This probably looks like a shambles.
This is the first page they land on:
$sql = "select uid from table where mac =('$client_mac_address')";
$uidResult = $conn->query($sql);
if($uidResult->num_rows > 0) {
while($row = mysqli_fetch_array($uidResult)) {
$cookie_uid = "UID";
echo $row['uid'];
setcookie($cookie_uid,$row['uid'],time() + (86400 * 30),"/");
if(!isset($_COOKIE[$cookie_uid])) {
echo "Cookie named '" . $cookie_uid . "' is not set!";
} else {
echo "Cookie '" . $cookie_uid . "' is set!<br>";
echo "Value is: " . $_COOKIE[$cookie_uid];
echo $_COOKIE[$cookiename];
}
}
};
This is the final page they land on I'm getting their MAC first and then using it to find the uid later:
<?php
$cookiename = "UID";
if(!isset($_COOKIE[$cookiename])) {
echo "Cookie '" . $cookiename . "' isn't set <br>";
} else {
echo "Cookie '" . $cookiename . "' is set <br>";
echo "Value: " . $_COOKIE[$cookiename];
}
?>
<script>
function getCookie(UID) {
var name = UID + "=";
var decodedCookie = decodeURIComponent(document.cookie);
var ca = decodedCookie.split(';');
for(var i = 0; i <ca.length; i++) {
var c = ca[i];
while (c.charAt(0) == ' ') {
c = c.substring(1);
}
if (c.indexOf(name) == 0) {
return c.substring(name.length, c.length);
}
}
return "";
}
function getCode(){
var uid = getCookie("UID");
if (uid == "") {
return;
console.log("empty");
} else {
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp = new XMLHttpRequest();
} else {
// code for IE6, IE5
xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange = function() {
if (this.readyState == 4 && this.status == 200) {
document.getElementById("divCode").innerHTML = this.responseText;
console.log("on ready");
}
};
xmlhttp.open("GET","getCode.php?q="+uid,true);
console.log("open");
xmlhttp.send();
console.log("send");
}
}
</script>
which goes to a php file on the server to handle the get request:
$q = intval($_GET['q']);
echo "$q";
$servername = "localhost";
$username = "user";
$password = "password";
$dbname = "dbname";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
if (!$conn) {
die('can't connect: ' . mysqli_error($conn));
}
mysqli_select_db($conn,"table");
$sql="SELECT code FROM table WHERE uid = ".$q;
$result = mysqli_query($conn,$sql);
echo "<table>
<tr>
<th>Code</th>
</tr>";
while($row = mysqli_fetch_array($result)) {
echo "<tr>";
echo "<td>" . $row['code'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($conn);
Captive Portal stores the cookies in a sandbox environment, it doesn't share with the normal browser in android as well as ios.