Dear Group Readers,
A website written in PHP/MySql uses cookies for users' login. Sometimes
users report that they view somebody else's account info when they
login to their account. Do you have any idea why it may happen?
I thought this would be because of caching problem of users' ISPs and
tried all No-Cache META ways like putting another header at the end
(http://www.htmlgoodies.com/beyond/nocache.html) but complaints didn't
stop.
FYI here is the cookie setting part:
setcookie("[COOKIENAME]", $cookie_val, 0, "/");
and in all other pages it reads the username from database and goes on:
SELECT * FROM [USERS] WHERE UserName='$cookieuser'
Really appreciate your help,
-sjariri