Alright. So I've been developing this site and the authentication code sets a cookie. Easy enough. Anyway, the cookie works perfectly fine on my development server, but when transfered to another, separately-owned server, the cookie just doesn't set. The script is getting to the if statement that has the setcookie() function in it. Identical scripts on both servers. Here is the code:
function admin_login($db)
{
//attempt to login. returns false if invalid and true if correct.
$query = "SELECT * FROM users WHERE username = '".$_POST['username']."'";
$result = mysql_query($query, $db);
$row = mysql_fetch_array($result);
if ($row['password'] == (encrypt($_POST['password']))) {
setcookie( "auth", "1", time()-24*60, "/");
list_admin($db,'');
} else {
setcookie( "auth", "NULL", time()-24*60, "/");
login_check($db);
}
}
Remember that this code works fine on one server and not the other. I really doubt that it's a code problem. Is there something that has to be configured on the server in order to set cookies via PHP? Any advice would be very much appreciated.
Thanks. Bryce.
setting PHP cookies
Moderator: General Moderators
-
brycesteinhoff
- Forum Newbie
- Posts: 4
- Joined: Wed Dec 24, 2003 11:39 pm
domain
Yes, the server runs on a different domain, but I didn't include the domain at all in the set cookie function, so it shouldn't matter. As far as trim() is concerned, it really doesn't bother me. The group that will be logging in using this auth code is small and I can communicate with them easily. I know that I am typing things in right during trials.
It's wierd... it sets on my server, but not the other. THe other wierd thing is that I am using an identical setcookie line on another site on the same server. Is there anything that has to be setup with the virtual host on Apache? Something that can be disabled? I'm clueless.
It's wierd... it sets on my server, but not the other. THe other wierd thing is that I am using an identical setcookie line on another site on the same server. Is there anything that has to be setup with the virtual host on Apache? Something that can be disabled? I'm clueless.
nevertheless the browser does not send all cookies to any server.
With the domain parameter of setcookie you can only ease restrictions within the domain-check but not disable it completely. E.g. a cookie set here can send the domain-mask devnetwork.net but not php.net or <every server>. If the domain-mask is not send the domain-name of the source of the cookie is set as mask.
As mentioned in the setcookie manual this mechanism is described in rfc 2965
With the domain parameter of setcookie you can only ease restrictions within the domain-check but not disable it completely. E.g. a cookie set here can send the domain-mask devnetwork.net but not php.net or <every server>. If the domain-mask is not send the domain-name of the source of the cookie is set as mask.
As mentioned in the setcookie manual this mechanism is described in rfc 2965
-
brycesteinhoff
- Forum Newbie
- Posts: 4
- Joined: Wed Dec 24, 2003 11:39 pm
oops, I misunderstood the problem... sorry.
what happens if you change your function admin_login to?
what happens if you change your function admin_login to
Code: Select all
function admin_login($db)
{
error_reporting(E_ALL); // ony for
ini_set('display_errors', TRUE); // debugging
...
}-
brycesteinhoff
- Forum Newbie
- Posts: 4
- Joined: Wed Dec 24, 2003 11:39 pm