Cookie not setting

pederdin

I've been using code for login several times. But I have a problem with 10% of my visitors not being able to set the cookie. I think this ratio is too high and I guess there is something wrong in the code.

Are there reasons for cookies not setting sometimes or is it possible to get by this in any way? If 10% can't set cookies maybe there is a better way of handling login?

/Peder

//Login Code

$db=mysql_connect("localhost","username","password");
mysql_select_db("db",$db);
if (getenv("HTTP_CLIENT_IP"))
{
$ip2 = getenv("HTTP_CLIENT_IP");
}
elseif (getenv("HTTP_X_FORWARDED_FOR"))
{
$ip2 = getenv("HTTP_X_FORWARDED_FOR");
}
else
{
$ip2 = getenv("REMOTE_ADDR");
}
$sql_visits=mysql_query("insert into visits (ip) values (\"$ip2\")");
include ("functions.php");
$sql="SELECT username,password,status,custid FROM member WHERE username = '$username' and password='$password'";
$result=mysql_query($sql,$db);
$row=mysql_fetch_array($result);
if ($row['username'] && $row['password']) {

//Check if not accepted
if ($row['status']!=4) {

//Check if too many logins
if ($row['status']!=0) {
$datetime=date("Y-m-d H:i:s");
$session=md5("$password$datetime");
$insert=mysql_query("REPLACE INTO member_logins SET cust_id='".$row['custid']."',session='$session',date_login='$datetime'",$db);
// set cookie
setcookie ("session",$session);
// get IP
if (getenv(HTTP_X_FORWARDED_FOR))
{
$ip=getenv(HTTP_X_FORWARDED_FOR);
} else {
$ip=getenv(REMOTE_ADDR);
}

 // update member information
 $update=mysql_query("UPDATE member SET
                             logins=logins+1,
                             last_login=now(),
                             status=3,
                             lastip='$ip',
                             browserver='$browserver',
                             browsername='$browsername'
                             WHERE custid='".$row['custid']."'", $db);

 // update login-table

$sql = mysql_query("INSERT INTO log_logins SET datetime=now(), cust_id='".$row['custid']."'");

 // Check if new
 $sql = mysql_query("SELECT logins FROM member WHERE custid='".$row['custid']."'");
 $row2 = mysql_fetch_array($sql);
 if ($row2['logins']==1) {
      // if first login send to profile
      $redirect="index_profile.php";
 } else {
      // otherwise send to start
      $redirect="index_start.php";
      //header("Location: index_start.php");
 }

} else {
// status = 0 - user locked
$status="Too many logins. Contact us.
}
} else {
// status 4 = new
$status="Please get back when registration is done.";
}
} elseif ($password && $username) {
$update=mysql_query("UPDATE member SET status=status-1 WHERE username ='$username'");
$status="Wrong username or passwor. Please try again
}

nemonoman

try this alternate method...

function docookie($name, $data, $exp) {
$cookie = '<META HTTP-EQUIV="Set-Cookie" CONTENT="'."$name=$data";
if ($exp > 0) {
$d = date("l, d-M-Y H:i:s ", $exp);
$d = "expires =".$d." GMT ";
$cookie .= ";$d";
}
$cookie .= "\">\n";
echo $cookie;
}