I am using PHP 4.3.2 and Apache 2.0.46 on Windows XP (for testing... I am migrating to a Linux server once the co-location goes through) and I am having a problem with using cookies.
If I use the following code, I get a cookie, but it isn't persistent at all... I am using logcodes (per a tutorial I read) in a mySQL database. I know the database isn't the problem, because the logcodes are stored correctly in md5 format. Here is the code (simplified, but here is the core of it)
$newval = "$userid:$logcode";
setcookie("userinfo", $newval, time() + 300);
That should set the cookie for 5 minutes, correct? I know there are other parameters for setcookie(), but if I supply the root path and host, the cookies DO NOT get set at all.
But here's where the real problem comes in. Every page that requires users to be logged in, includes a file called "detectuser.php". Here is the code :
if (isset($COOKIE['userinfo'])) {
$cookieval= $COOKIE['userinfo'];
$cookieparsed= explode (":", $cookieval);
$cookie_uid= $cookieparsed[0];
$cookie_code= $cookieparsed[1];
if (is_numeric($cookie_uid)) {
$db = mysql_connect("localhost","user","password");
mysql_select_db("test",$db);
$res= mysql_query("SELECT logcode FROM users WHERE id=$cookie_uid;",$db);
if ($res) {
if (mysql_num_rows($res)) {
$logcode_in_base= mysql_result($res, 0);
if ($logcode_in_base == $cookie_code) {
$newcode= md5(func_generate_string());
$res= mysql_query("UPDATE users SET logcode=’$newcode’ WHERE id=$cookie_uid;");
$valid_login = "yes";
$newval= "$cookie_uid:$newcode";
setcookie("userinfo", $newval, time() + 300);
$global_user_id= $cookie_uid;
} else {
Does anybody have any ideas? This code worked when the setcookie() call was "broken" in detectuser.php
(i.e. I called it like this "setcookie("userinfo", $newval, time()+300, "/","localhost",0);"
Are the cookies failing because of a lack of a path/host in the call? Is setcookie() broken in this release?
Any assistance is greatly appreciated.
