Using a JavaScript-set Cookie With PHP
A website uses JavaScript to set a cookie (with a good reason). PHP needs access to that cookie to populate the timezone field of a subscription form it pulls in.
Here's the issue: PHP runs before JavaScript runs.
Because PHP is processed by the server before the web page is sent to the browser, the cookie can be unavailable because the JavaScript hasn't yet run to set the cookie.
Here's the process.
-
Before it's ever sent to the browser, PHP code modifies the page source code.
-
The page is requested.
-
PHP updates the source code. (Including, in the example case, pulling in the subscription form with cookie information in its timezone field.)
-
Now, the updated source code is sent to the browser.
-
The browser receives the page.
-
JavaScript is run as it's encountered in the source code. (Including, in the example case, doing an IP address timezone lookup as the first JavaScript action and setting a cookie with the information.)
You can see how the PHP code doesn't have access to a cookie that hasn't yet been set — on the first web page load. With subsequent page loads, the cookie was previously set and the PHP code has access to it.
The solution was fairly simple once it was seen: If the cookie is not yet available, the PHP code writes it's own JavaScript to read the cookie once it is set (and insert the cookie value into the the subscription form's timezone field).
The PHP code assumes, correctly, that by the time the subscription-form JavaScript runs, previous JavaScript on the page will already have set the timezone cookie.
Following are some of the details of the example case you may be wondering about.
The JavaScript
When the web page loads, JavaScript does an IP address lookup to determine the site visitor's timezone. A third-party service is used and the service is not entirely free.
JavaScript is used to do the lookup and to set the cookie because the site owner wants to eliminate the cost of robot and spider IP lookups. Lookups for most bots can be eliminated that way because they don't run JavaScript.
Setting a cookie with PHP wouldn't have automatic bot elimination. Many bots spoof their identity as a popular web browser.
So that's the reason the cookie is set with JavaScript — to eliminate bots.
The Subscription Form
The subscription form is pulled in with PHP because it requires database interaction and it needs to be immediately available. (If it didn't need to be immediately available, Ajax could be used.)
Part of the PHP code's job is to obtain site visitor timezone information from a cookie and insert it into the subscription form.
The first time a browser loads a web page at the domain, the cookie isn't available to the PHP code because the JavaScript hasn't yet run.
The Solution for the Example Case
Here is how it was solved for this particular website.
When the PHP code looks for the cookie and doesn't find it, it runs code that looks like this:
echo("<input type='hidden' id='form-field-id' value='@$cookievalue'>");
if( empty($cookievalue) )
{
echo('<script>document.getElementById("form-field-id").value = cookievalue</script>');
}
The above PHP code first publishes a hidden field for the subscription form, giving it the value of $cookievalue (even if the value is empty).
If $cookievalue is empty, the PHP code also writes JavaScript that will put the cookie value into the form field. The JavaScript runs when the browser receives the web page.
That solved the issue. The PHP and JavaScript play nice together. And few IP lookups are done for bots.
(This article first appeared with an issue of the Possibilities newsletter.)
Will Bontrager
