www.webdeveloper.com
Results 1 to 8 of 8

Thread: cookies not working

  1. #1
    Join Date
    May 2009
    Posts
    124

    cookies not working

    I am learning how to use cookies and sessions. I am currently having a problem where the page only recognizes the cookie if the user leaves the site and comes back.

    Any idea why?
    If I need to post my code I will. Thanks!
    Marie

  2. #2
    Join Date
    May 2009
    Posts
    124
    As I am reading more, I am wondering if I misunderstood the use of cookies. Should I be using sessions to store the user/password info for the user's current session and use cookies for when they come back again?

  3. #3
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,330
    When you do a setcookie(), it adds the cookie to the HTTP headers that will be sent to the browser. It does not, in and of itself, store the data in $_COOKIE or anywhere else. Once the user's browser has received the cookie (when the page is sent to it), any further page requests to that domain will send the cookie to the server along with the rest of the HTTP request. At that time any PHP script on that site will receive the cookie from the browser and add its name and value to the $_COOKIE array.

    Anyway, as far as login information goes, sessions are probably better, especially since you really don't want to be sending passwords back and forth to the browser via cookies, increasing the chance of them being intercepted, particularly in cases where other people might have access to the user's computer. (Note that sessions normally make use of a cookie, but it only exchanges a pseudo-random, generated session ID used to identify the session.)
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  4. #4
    Join Date
    May 2009
    Posts
    124
    Thanks Nog...so does this make sense?

    When a user comes to my site I check if there is a cookie. If so, I set the session variables to equal the cookie. If not, I prompt them to log in and then I create a new session.

    Thanks!

  5. #5
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,330
    You don't even have to "look" for a cookie. If, when a user logs in successfully you save something to indicate that in $_SESSION, then all you have to do is check for it there when they access any controlled page. Just make sure that you start each controlled page with a session_start() before anything gets output.

    login processing:
    PHP Code:
    <?php
    session_start
    ();
    // do your user/password check, etc.
    // if the login is valid, then:
    $_SESSION['username'] = $login_name;
    Any controlled page:
    PHP Code:
    <?php
    session_start
    ();
    if(empty(
    $_SESSION['username']))
    {
       
    // load login page or redirect them to it, however you want to handle it
       
    exit;
    }
    echo 
    "Hello, " $_SESSION['username'];
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  6. #6
    Join Date
    May 2009
    Posts
    124
    Thanks! Once again you have been so helpful!

    Marie

  7. #7
    Join Date
    May 2009
    Posts
    124
    Just thought I would add some info in case anyone else was having a similar problem. I added sessions and it worked. However, it would only appear that the session registered on the second time through (i.e. the person would have to login twice to have the file say, "Welcome user").

    I finally figured out that my problem was in my header('Location...) command that took the user from the checklogin.php file back to the main screen. I had header('Location: http://mydomain.com') instead of header('Location:http://www.mydomain.com'). When I added the www then the session took.

  8. #8
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,330
    If you have access to the php.ini settings or can set them via a .htaccess file, you can change session.cookie_domain to ".mydomain.com" (note the leading "."), which will make the session cookie accessible regardless of whether or not the "www." sub-domain is specified.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles