Jump to content

PHP log in issues... please help.

cjp_24

By cjp_24
in PHP Coding Help

 Share

Recommended Posts

cjp_24 Newbie

cjp_24

Posted
Posted

Hi all, I hope someone could please help me.

 

I have written 50% of my site and the login/logout part works but intermittantly I am getting problems with it. Let me explain ..

 

I have <login.php> which has a form with USERNAME and PASSWORD, when you submit POST's to <dologin.php>

 

<dologin.php> checks the DB for the username then the password and, if all Ok (and it does come back OK) it will then set a $_COOKIE(["Username"],$row["username"],3600); then I do a HEADER ( "location: <back to my site>/index.php" );

 

on the <index.php> page, there is a nav button that when detects the cookie "Username" is set to then show, and also if the cookie is set then makes the Login button a logout button.

 

... now

 

this works 95% of the time, 5% it doesnt. You will log in and then click SUBMIT, but when it goes back to the <index.php> page, the cookie is just not set so the login button doesnt change and you are not effectivley logged in. (other pages that track the "Username" cookie)...

 

and sometimes it is the same when the first part works, I click the LOGOUT button which goes to <dologout.php> which just clears the cookie (by setting time()-3600), when it goes back to <index.php> via Header ("location: <back to my site>/index.php" ); again sometimes the cookie does not delete.

 

Is there any problems generally with $_COOKIES with this sort of thing.

 

I hope I am making sense :)

 

Please help, it is annoying.. It is like sometimes the cookie is either not saving or it taking longer to save so it is not being picked up.  :confused: :confused:

 

Thanks

Cliff

Link to comment
https://forums.phpfreaks.com/topic/200029-php-log-in-issues-please-help/
Share on other sites
cjp_24 Newbie

cjp_24

Posted
  • Author
Posted

Cookies are not instantly available once set, only after the next HTTP request. Regardless of this though, relying on a cookie to validate a user is totally insecure; I could just set the cookie myself.

 

Oh okay, I hear you. I am fairly new with PHP and the the security of it all. What would you suggest? Sessions? are sessions instantly available once set?

 

But surely when I set the cookie and then header ("location:") to another page, that is the next HTTP request? is it not? :(  :'(

 

Thanks for you help

Cliff

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

By default, sessions propagate the session id using a cookie, so whatever is causing your setcookie()/$_COOKIE to not work may in fact prevent sessions from working as well. It would be best to find out why your cookies are not working.

 

I'm going to guess that your code is clearing the cookie under some conditions. It would take seeing your code to directly be able to help with what it is or is not doing.

cjp_24 Newbie

cjp_24

Posted
  • Author
Posted

By default, sessions propagate the session id using a cookie, so whatever is causing your setcookie()/$_COOKIE to not work may in fact prevent sessions from working as well. It would be best to find out why your cookies are not working.

 

I'm going to guess that your code is clearing the cookie under some conditions. It would take seeing your code to directly be able to help with what it is or is not doing.

 

Thanks PFMaBiSmAd,

 

When I go home tonight I will post the code up for you to see...

 

Cliff

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.