??Lost cookie data: output buffering??

earthlingzed

I have a user authentication script that logs the user name in a cookie when login is successful. The problem I am running into is that when the user logs in the first time, they get bounced back to the login screen again (cookie is there, but not storing data). When they login the second time they get into the protected areas fine.

I have suspicion that my code is ok but that there may be something in my PHP configuration that is causing the problem. I have the output buffering flag on. Could this cause the problem? I turned it off and still got the same problem.

My code is below:

<?
include("config.inc");

$username=$_POST["username"];
$pass = $_POST["password"];

#echo "username = ".$username."<br>pass = ".$pass;

$auth=false;
if(isset($username) && isset($pass)){

$sql="SELECT * FROM ".$prefix."_instructor WHERE log='$username'AND pass='$pass'" ;
$result=mysql_query ($sql); 

$num = mysql_num_rows($result); 
if($num != 0){ 
$auth = true;
	}
}

if(!$auth) {
	$message = "<span class='whitey1'>Username or Password Incorrect</span><p><a href='index.php'>Try login again</a><p>If you have forgotten your password, use the link below to have the <br>password sent to the instructor email address. <p><a href='send_pass.php'> email password to instructor address</a>";


}else {

   # set username cookie
   setcookie ("username", $_POST["username"], time()+3600); 

   #redirect
   header("Location:".$admin_path."admin_home.php");
}

?> 
<html>
<head>
<title>Adminstrator Login</title>

<link rel="stylesheet" href="<?php echo $style_path; ?>">
</head>

<body leftmargin='0' topmargin='0' marginwidth='0' marginheight='0'>
<table width='100%' border='0' cellspacing='0' cellpadding='8' >
  <tr valign='bottom' align='left'>
    <td colspan='3' height='70' class='top'><span class='classname'><?php echo $course_number."  "; echo $course_title; ?>
</span><br><font size='2' color='white'>Instructor:<?php echo $instructor_name; ?></font></td>
  </tr>
  <tr valign='top' align='left'>
    <td width='15%' class='sides'><img src='../images/shim.gif' width='150' height='5'>
                  <p>&nbsp;
        </td>
    <td width='70%' class='middle'>

<? if(isset($message)){ echo $message; } ?>

</td>
    <td width='15%' class='sides'><img src='../images/shim.gif' width='5' height='700' border='0'></td>
  </tr>
</table>
</body>
</html>

Access check include file (included before any output to browser):

<?
if(isset($_COOKIE["username"])) {
   $logged = "<span style='text-transform:capitalize'>".$_COOKIE["username"]." </span>logged in";
}else{
   header("Location:".$admin_path."index.php");
}
?>

insectis

Well, this probably won't help a whole lot, but I took your code, ran it on my server and it let me log in first time, no problem. I then checked the cookie values and it had the correct username stored in the cookie. So, I think you're right in your suspision that it's not your code.

Hope this helps somewhat.. 🙂

insectis

earthlingzed

That is very helpful to know. What broswer and OS are you using to test it? I am running Safari and it seems to be having the most difficulty with the login.

Does anyone have any insight as to what could cause such a problem in my server configuration?

I have these flags on in my htaccess file (I know it is bad to have register globals on, but I am in the process of retooling to get rid of that):

php_flag magic_quotes_gpc On
php_flag output_buffering On
php_flag register_globals on
php_flag track_vars on
php_flag trans_sid on

insectis

I'm using Mozilla on Windows 2000...

earthlingzed

Hmmmm...

Could the browser itself play a part in the problem? I have cookies enabled ont eh browsers I am testing. Somehow mac browsers seem to be having the most trouble with it.