By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,776 Members | 1,397 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,776 IT Pros & Developers. It's quick & easy.

Problems with PHP and sessions

P: n/a
PHP
I have a login page, that have this code:

It is called from a page with a form and 3 inputs, email, password and
autologin.

<?PHP

mysql_connect("localhost", "user", "psw");
mysql_select_db("database");

$email = $_POST["email"];
$psw = $_POST["psw"];
$autologin = $_POST["autologin"];

if($autologin == "on")
session_set_cookie_params(60*60*24*365, "/");
else
session_set_cookie_params(0, "/");

session_start();
$_SESSION["email"] = $email;
$_SESSION["psw"] = $psw;

session_write_close();

mysql_query("UPDATE blaa....") or die(mysql_error());

header("Location: /?page=user_login");

exit();
?>
My index.php looks like this:

<?PHP

if(!empty($_COOKIE["PHPSESSID"]))
{
session_start();
$email = $_SESSION["email"];
$psw = $_SESSION["psw"];
}

.... blaa... ?>

My problem is, that if set the "autologin = on" (that means the cookie
must have a 365 days expire), my cookie is set perfectly on the login
page but as soon as it is redirected to the index page, it overwrite the
cookie with an expire whenever the browser closes!?
Why?

I have seen on the PHP manual page, that there can be a lot of problems
if you use a "header", but how do I fix this problem (if possible)? I
Jul 17 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
SEssion cookes only exist for the duration of the session, and are normally
deleted by the browser when u close the window.

Your server will also delete the session info from ur server after 20
minutes (or whatever the default is set to).

For auto login, save the username and password in a cookie that is saved in
the users computer, and then check for the cookie existance.

(I probably wouldnt store the password, store some random key).

- Alistair

"PHP" <sd****@REM.hotmail.com> wrote in message
news:42***********************@dreader1.cybercity. dk...
I have a login page, that have this code:

It is called from a page with a form and 3 inputs, email, password and
autologin.

<?PHP

mysql_connect("localhost", "user", "psw");
mysql_select_db("database");

$email = $_POST["email"];
$psw = $_POST["psw"];
$autologin = $_POST["autologin"];

if($autologin == "on")
session_set_cookie_params(60*60*24*365, "/");
else
session_set_cookie_params(0, "/");

session_start();
$_SESSION["email"] = $email;
$_SESSION["psw"] = $psw;

session_write_close();

mysql_query("UPDATE blaa....") or die(mysql_error());

header("Location: /?page=user_login");

exit();
?>
My index.php looks like this:

<?PHP

if(!empty($_COOKIE["PHPSESSID"]))
{
session_start();
$email = $_SESSION["email"];
$psw = $_SESSION["psw"];
}

... blaa... ?>

My problem is, that if set the "autologin = on" (that means the cookie
must have a 365 days expire), my cookie is set perfectly on the login page
but as soon as it is redirected to the index page, it overwrite the cookie
with an expire whenever the browser closes!?
Why?

I have seen on the PHP manual page, that there can be a lot of problems if
you use a "header", but how do I fix this problem (if possible)? I

Jul 17 '05 #2

P: n/a
PHP
> My index.php looks like this:

<?PHP

if(!empty($_COOKIE["PHPSESSID"]))
{
session_start();
$email = $_SESSION["email"];
$psw = $_SESSION["psw"];
}

... blaa... ?>

I have found my problem - I should not have a session_start() in the
index.php also as this overwrites the existing one. That took me some
time to understand! I thought I should have session_start on all pages.
Jul 17 '05 #3

P: n/a
PHP wrote:
I thought I should have session_start on all pages.


AFAIK, you do! Session_start() loads the session variables in for the
current session.

Cheers,
Nicholas Sherlock
Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.