Bizarre Cookie problem

I've looked around for anyone with the same problem and I can't see any solution, so I decided to post. I have created this login form and it all works fine. I then added cookie support and that also worked. However, I cannot make it so that a cookie expires when the browser is closed. I have used a checkbox "remember_me" in the form, and have tested that it works OK (see the commented-out echo statements in the submit section). If I log in and do not check the button, then close the browser, then re-open, I am still logged in. I thought if no value for expiry was specified, cookies expired on session (browser) close? Mine do not seem to be :( Below is login.php


    <?php
    if (isset($_POST['submit']))    {
        require_once ('../mysql_connect.php');
        // Undo magic-quotes slashes if enabled, then escape for the SQL query.
        function escape_data ($data)    {
            global $dbc;
            if (ini_get('magic_quotes_gpc'))    {
                $data = stripslashes($data);
            }
            return mysql_real_escape_string($data, $dbc);
        }
        $message = NULL;
        // Validate the username.
        if (empty($_POST['username']))    {
            $u = FALSE;
            $message .= '<p>You forgot to enter your username!</p>';
        } else    {
            $u = escape_data($_POST['username']);
        }
        // Validate the password.
        if (empty($_POST['password']))    {
            $p = FALSE;
            $message .= '<p>You forgot to enter your password!</p>';
        } else    {
            $p = escape_data($_POST['password']);
        }
        if ($u && $p)    {
            $query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=MD5('$p')";
            $result = @mysql_query ($query);
            $row = mysql_fetch_array ($result, MYSQL_NUM);
            if ($row)    {
                if (isset($_POST['remember_me']))    {
                    // Persistent cookies: expire 36000 seconds from now.
                    setcookie ('first_name', $row[1], time()+36000, '/', '', 0);
                    setcookie ('user_id', $row[0], time()+36000, '/', '', 0);
                    header ("Location: index.php");
                    exit; // stop the script once the redirect has been sent
                    //echo '<p>ticked</p>';
                } else    {
                    // No expiry given (NULL is treated as 0): session cookies.
                    setcookie ('first_name', $row[1], NULL, '/', '', 0);
                    setcookie ('user_id', $row[0], NULL, '/', '', 0);
                    header ("Location: index.php");
                    exit; // stop the script once the redirect has been sent
                    //echo '<p>Not ticked</p>';
                }
            } else    {
                $message = '<p>Error. Your username/password is incorrect.</p>';
            }
        } else    {
            $message .= '<p>Please try again.</p>';
        }
    }
    if (isset($message))    {
        echo $message;
    }
    ?>


<form action="<?php echo $_SERVER['DOCUMENT_ROOT/index.php']; ?>" method="post">

    <p>Username: <input type="text" name="username" size="15" maxlength="20" value="<?php if (isset($_POST['username']))
    echo htmlspecialchars($_POST['username'], ENT_QUOTES); ?>" /></p>

    <p>Password: <input type="password" name="password" size="15" maxlength="20" /></p>
    <input type="checkbox" name="remember_me" /> Keep me logged in (requires cookies to be enabled)

    <div align="center"><input type="submit" name="submit" value="Login" /></div>

</form>


Why not use a session instead of a cookie? These auto-expire when the browser is closed :)

Simpler than playing with cookies
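The session approach suggested in the reply, sketched as an added example that is not code from either poster. It keeps the "remember me" choice by switching the session cookie's lifetime between 0 and the 36000 seconds used in the question, and stores the user's identity server-side instead of in a client-editable `user_id` cookie. The function names are hypothetical, the array form of `session_set_cookie_params()` needs PHP 7.3 or later, and HTTPS is assumed.

```php
<?php
// Added example; function names are hypothetical, not from the thread.

// Same lifetime the original post used. session.gc_maxlifetime in php.ini
// must be at least this large, or the server discards the data earlier.
const REMEMBER_SECONDS = 36000;

function start_login_session(bool $rememberMe): void
{
    // lifetime 0 sends no Expires/Max-Age attribute, so the browser treats
    // the cookie as a session cookie and drops it when the session ends.
    $lifetime = $rememberMe ? REMEMBER_SECONDS : 0;
    session_set_cookie_params([
        'lifetime' => $lifetime,
        'path'     => '/',
        'secure'   => true,   // assumption: the site is served over HTTPS
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
    session_start();
}

// $userId and $firstName stand for the values returned by the login query
// once the credentials have been verified.
function log_user_in(int $userId, string $firstName, bool $rememberMe): void
{
    start_login_session($rememberMe);
    // Issue a fresh ID after authentication; this also re-sends the
    // cookie with the lifetime chosen above.
    session_regenerate_id(true);
    // Identity lives on the server, so the client cannot edit user_id.
    $_SESSION['user_id']    = $userId;
    $_SESSION['first_name'] = $firstName;
    header('Location: index.php');
    exit;
}

// Call on protected pages; returns null when nobody is logged in.
function current_user_id(): ?int
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    return isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : null;
}
```

Browsers configured to restore the previous session on startup may keep session cookies across a restart, so a lifetime of 0 does not by itself guarantee a logout when the window is closed.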


