cookies not working
Any idea why?
If I need to post my code I will. Thanks!
When you do a setcookie(), it adds the cookie to the HTTP headers that will be sent to the browser. It does not, in and of itself, store the data in $_COOKIE or anywhere else. Once the user's browser has received the cookie (when the page is sent to it), any further page requests to that domain will send the cookie to the server along with the rest of the HTTP request. At that time any PHP script on that site will receive the cookie from the browser and add its name and value to the $_COOKIE array.
Anyway, as far as login information goes, sessions are probably better, especially since you really don't want to be sending passwords back and forth to the browser via cookies, increasing the chance of them being intercepted, particularly in cases where other people might have access to the user's computer. (Note that sessions normally make use of a cookie, but it only exchanges a pseudo-random, generated session ID used to identify the session.)
Thanks Nog...so does this make sense?
When a user comes to my site I check if there is a cookie. If so, I set the session variables to equal the cookie. If not, I prompt them to log in and then I create a new session.
You don't even have to "look" for a cookie. If, when a user logs in successfully you save something to indicate that in $_SESSION, then all you have to do is check for it there when they access any controlled page. Just make sure that you start each controlled page with a session_start() before anything gets output.
Any controlled page:
// do your user/password check, etc.
// if the login is valid, then:
$_SESSION['username'] = $login_name;
// load login page or redirect them to it, however you want to handle it
echo "Hello, " . $_SESSION['username'];
Thanks! Once again you have been so helpful!
Just thought I would add some info in case anyone else was having a similar problem. I added sessions and it worked. However, it would only appear that the session registered on the second time through (i.e. the person would have to login twice to have the file say, "Welcome user").
I finally figured out that my problem was in my header('Location...) command that took the user from the checklogin.php file back to the main screen. I had header('Location: http://mydomain.com') instead of header('Location:http://www.mydomain.com'). When I added the www then the session took.
If you have access to the php.ini settings or can set them via a .htaccess file, you can change session.cookie_domain to ".mydomain.com" (note the leading "."), which will make the session cookie accessible regardless of whether or not the "www." sub-domain is specified.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)