I'm new to PHP (been using Cold Fusion for 6 years now) and I am having serious trouble with the Header("Location: blahblah"); thing.... Do you know of any special settings in the php.ini file that I may be missing? I'm using PHP 4.3.6 on Windows 2000 with IIS5.0.

Page 1 (Member_Login.php):

 

if($HTTP_POST_VARS['action']=="login"){ 
    if($totalRows_rsLogin==0){ 
        //$errorMessage = "Not Active"; 
        header("Location: NoAccess.php?Page=Member_Login");exit; 
        mysql_free_result($rsLogin); 
    } else { 
        mysql_free_result($rsLogin); 
        setcookie("UserID",$HTTP_POST_VARS['username'],time() + 2592000,"/"); 
        // Expire Date: 30 
        // Expire Time: 12:00:00 
        header("Location: members/process.php?mem=" . $HTTP_POST_VARS['username'] . "");exit; 
    } 
} 
?>

Page 2 (Process.php):

<? 
if(!isset($HTTP_COOKIE_VARS['UserID'])){ 
    header("Location: ../NoAccess.php?Page=Process");exit; 
}

Here are my php.ini settings:

session.save_path=C:\winnt\temp
sessions.use_cookies=1
session.use_only_cookies=1
session.cookie_lifetime=0
session.cookie_path=C:\winnt\temp
register_globals = On

Whenever I try to set a cookie, it will not set properly. I check my Cookies folder and nothing will appear. If I remove the Redirect in the Member_Login.php file, the cookie will set properly. However, if there is a redirect, the cookie is never set and the page just redirects without recognizing the cookie.

Any help would be apprecaited.

Thanks.

    Try tekky's suggestion first.

    Another possibility would be that the cookie isnt yet available on the page re-directed to, but I have my doubts.

      Ohh there is a catch with Cookies... I totally overlooked that portion of the question

      Cookies are never available on the page they sets them.... the page must be reloaded inorder for cookies to become accessible.... Dunno if that applies here or not...

        Thank you so much for your help so far. Unfortunately, the full URL didn't help. I tried that once before (and again just now) and it didn't seem to help. As I call the page that is supposed to set the cookie, the process should be as follows:

        1. Check the DB for the correct login and password
        2. If valid, set a cookie with the login name. If not, redirect to the NoAccess.php page.
        3. (Assuming valid login) Redirect to a Process.php page that tells the user which section in the web site they can access. The Process.php page checks to see if the cookie was created. If the cookie was not created, it will redirect to the NoAccess.php page.

        The problem, as I understand it, is that the cookie is not being set at all. As I enter my login and password information, I have my cookies folder open to check and see if the cookie was ever made, and it was not. The funny thing is, Process.php has a second cookie being created (not associated with the login), and that works.

        This entire site was created on a Unix platform and is being transported over to Windows 2000. It wokrs flawlessly on Unix, but has a serious cookie problem in Windows. My guess is that there must be some setting somewhere that is causing the problem, but I do not know enough about PHP to troubleshoot the php.ini file.

        Hope this information is more helpful.

        Thanks again.

          The problem had nothing to do with PHP. Apparently, IIS has an issue with CGI scripts. It will not pass the Cookie headers if there is a redirect. The way around it was to replace the "header(Location)" with a JavaScript "location.href". Hopefully, if anyone else has this problem, they will be able to solve it the same way.

          Here is the full MS article on the issue if anyone is interested:

          http://support.microsoft.com:80/support/kb/articles/q176/1/13.asp&NoWebContent=1

            Write a Reply...