I am developing a game.
I need to exchange data between PHP and JavaScript.
PHP generates a value (a secret text), which is the solution of the game.
PHP encodes the value via base64_encode(), enduser should not find the solution (easily).
PHP stores the encoded value in Cookie.
JavaScript reads the cookie value.
JavaScript decodes the value, window.atob()
JavaScript checks user entry vs. generated secret text from the cookie.
This approach works on localhost, but not on web server.
Following is the code I am using. (in PHP, setting "domain" param with my website such "mydomain.com" did not solve the issue)
PHP
function setMyCookie($name, $value) {
setcookie($name, $value, [
'expires' => time() + 86400,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => false,
'samesite' => 'None',
]);
}
JavaScript
function getCookie(cname) {
let name = cname + "=";
let decodedCookie = decodeURIComponent(document.cookie);
let ca = decodedCookie.split(';');
for(let i = 0; i <ca.length; i++) {
let c = ca[i];
while (c.charAt(0) == ' ') {
c = c.substring(1);
}
if (c.indexOf(name) == 0) {
return c.substring(name.length, c.length);
}
}
return "";
}
Question 1: How can fix my issue on webserver?
Question 2: Is there another approach (other than cookie) which you may recommend?
Thanks BM